Description
- Node.js Version: 15.4 and higher
- OS: Mac OS, Linux
- Scope (install, code, runtime, meta, other?):
- Module (and version) (if relevant): TLS and/or crypto
When upgrading an application to Node 16, we got problems connecting to an Elasticsearch cluster (created using a k8s operator on Azure). Everything works fine in versions 15.2.1 and 14.17.15. In versions 16.6.2, 16.0.0 and 15.4.0 the error is:
uncaughtException {
error: Error: Unable to load PFX certificate
at configSecureContext (node:internal/tls/secure-context:278:15)
at Object.createSecureContext (node:_tls_common:116:3)
at Object.connect (node:_tls_wrap:1621:48)
at HttpsAgent.createConnection (node:https:143:22)
...
With version 15.3 I get another error in the same call
uncaughtException {
error: TypeError [ERR_INVALID_ARG_TYPE]: The "options.ciphers" property must be of type string. Received null
at new NodeError (node:internal/errors:278:15)
at validateString (node:internal/validators:123:11)
at Object.createSecureContext (node:_tls_common:267:5)
at Object.connect (node:_tls_wrap:1581:48)
at HttpsAgent.createConnection (node:https:129:22)
...
As far as I can tell from the change log between version 15.2 and 15.4, there were no new features or stricter rules in the TLS or Crypto modules, which is why I suspect there might be a bug somewhere. Googling the error message returned only a few hits, and they all are from after the release of v16. Several of them are related to elastic search, and none have a solution yet. (See this one for example https://stackoverflow.com/questions/68082679/getting-error-error-unable-to-load-pfx-certificate-on-a-node-js-application-w).
Not much code to show, but these are the essentials:
import { Client as ElasticClient } from 'elasticsearch'; // v 16.7.2
const elastic =new ElasticClient({
host: '...',
apiVersion: '7.x',
httpAuth: '...',
});
elastic.search(/*anything*/);