1

I am developing a web app with React (front-end) and Nodejs (back-end) and I need to use digital certificates to authenticate.

The options given to the server are:

  key: fs.readFileSync('./certs/localhost_key.pem'),
    cert: fs.readFileSync('./certs/localhost_cert.pem'),
    requestCert: true , rejectUnauthorized: false,
    ca: [
    fs.readFileSync('./certs/ACCVCA120.crt')
  ]
}

Once you select the certificate, the line which reads the certificate from the back-end is let cert = req.connection.getPeerCertificate(), and the front-end calls the endpoint which owns that line to read it.

If I use a certificate which is stored on the computer, the app reads the certificate properly, but if it reads it from a smart card, I get the following error after selecting the certificate: net::ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED.

¿Could you provide me a way to solve this error?

Thank you.

Daniel
  • 51
  • 1
  • 6

1 Answers1

0

Finally I solved the problem, I let the solution here.

I was using the flag --tls-min-v1.0 because I need it to establish a secure connection with Active Directory.

To perform the smart card reading I need a newer TLS version, at least TLS 1.2, so the reading was failing.

If I used the newer TLS version, the AD connection failed, so finally the solution was adding two flags:

  • --tls-min-v1.0
  • --tls-max-v1.2
Daniel
  • 51
  • 1
  • 6