From 26087f8dc7e713d162c0b900d89369fcce124fff Mon Sep 17 00:00:00 2001 From: Ben Hardill Date: Mon, 26 Jul 2021 10:25:06 +0100 Subject: [PATCH] Fix support for supplied CA certs --- .../nodes/core/network/21-httprequest.js | 4 +++ .../nodes/core/network/21-httprequest_spec.js | 27 +++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js b/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js index 692f5de8c..bf193b6af 100644 --- a/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js +++ b/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js @@ -449,6 +449,10 @@ in your Node-RED user directory (${RED.settings.userDir}). if (tlsNode) { opts.https = {}; tlsNode.addTLSOptions(opts.https); + if (opts.https.ca) { + opts.https.certificateAuthority = opts.https.ca; + delete opts.https.ca; + } } else { if (msg.hasOwnProperty('rejectUnauthorized')) { opts.https = { rejectUnauthorized: msg.rejectUnauthorized }; diff --git a/test/nodes/core/network/21-httprequest_spec.js b/test/nodes/core/network/21-httprequest_spec.js index e6610ecb6..c3ec942f7 100644 --- a/test/nodes/core/network/21-httprequest_spec.js +++ b/test/nodes/core/network/21-httprequest_spec.js @@ -1518,6 +1518,33 @@ describe('HTTP Request Node', function() { }); }); + it('should use tls-config and verify serverCert', function(done) { + var flow = [ + {id:"n1",type:"http request",wires:[["n2"]],method:"GET",ret:"txt",url:getSslTestURLWithoutProtocol('/text'),tls:"n3"}, + {id:"n2", type:"helper"}, + {id:"n3", type:"tls-config", cert:"test/resources/ssl/server.crt", key:"test/resources/ssl/server.key", ca:"test/resources/ssl/server.crt", verifyservercert:true}]; + var testNodes = [httpRequestNode, tlsNode]; + helper.load(testNodes, flow, function() { + var n3 = helper.getNode("n3"); + var n2 = helper.getNode("n2"); + var n1 = helper.getNode("n1"); + n2.on("input", function(msg) { + try { + msg.should.have.property('payload','hello'); + msg.should.have.property('statusCode',200); + msg.should.have.property('headers'); + msg.headers.should.have.property('content-length',''+('hello'.length)); + msg.headers.should.have.property('content-type').which.startWith('text/html'); + msg.should.have.property('responseUrl').which.startWith('https://'); + done(); + } catch(err) { + done(err); + } + }); + n1.receive({payload:"foo"}); + }); + }); + //Removing HTTP Proxy testcases as GOT + Proxy_Agent doesn't work with mock'd proxy /* */ it('should use http_proxy', function(done) {