Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Error: Unable to load PFX certificate" in version 15.4 and higher #3506

Closed
mittinatten opened this issue Aug 17, 2021 · 3 comments
Closed

"Error: Unable to load PFX certificate" in version 15.4 and higher #3506

mittinatten opened this issue Aug 17, 2021 · 3 comments

Comments

@mittinatten
Copy link

  • Node.js Version: 15.4 and higher
  • OS: Mac OS, Linux
  • Scope (install, code, runtime, meta, other?):
  • Module (and version) (if relevant): TLS and/or crypto

When upgrading an application to Node 16, we got problems connecting to an Elasticsearch cluster (created using a k8s operator on Azure). Everything works fine in versions 15.2.1 and 14.17.15. In versions 16.6.2, 16.0.0 and 15.4.0 the error is:

uncaughtException {
  error: Error: Unable to load PFX certificate
      at configSecureContext (node:internal/tls/secure-context:278:15)
      at Object.createSecureContext (node:_tls_common:116:3)
      at Object.connect (node:_tls_wrap:1621:48)
      at HttpsAgent.createConnection (node:https:143:22)
      ...

With version 15.3 I get another error in the same call

uncaughtException {
  error: TypeError [ERR_INVALID_ARG_TYPE]: The "options.ciphers" property must be of type string. Received null
      at new NodeError (node:internal/errors:278:15)
      at validateString (node:internal/validators:123:11)
      at Object.createSecureContext (node:_tls_common:267:5)
      at Object.connect (node:_tls_wrap:1581:48)
      at HttpsAgent.createConnection (node:https:129:22)
      ...

As far as I can tell from the change log between version 15.2 and 15.4, there were no new features or stricter rules in the TLS or Crypto modules, which is why I suspect there might be a bug somewhere. Googling the error message returned only a few hits, and they all are from after the release of v16. Several of them are related to elastic search, and none have a solution yet. (See this one for example https://stackoverflow.com/questions/68082679/getting-error-error-unable-to-load-pfx-certificate-on-a-node-js-application-w).

Not much code to show, but these are the essentials:

 import { Client as ElasticClient } from 'elasticsearch'; // v 16.7.2
 const elastic =new ElasticClient({
  host: '...',
  apiVersion: '7.x',
  httpAuth: '...',
});

elastic.search(/*anything*/);
@Ayase-252
Copy link
Member

Ayase-252 commented Aug 17, 2021
edited
Loading

See nodejs/node#36292. It maybe the same issue?

@mittinatten
Copy link
Author

Yes, looks like the the same as nodejs/node#36292 (comment). Thanks!

@Ayase-252
Copy link
Member

Ayase-252 commented Sep 1, 2021
edited
Loading

Closing as duplicate of nodejs/node#36292

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mittinatten @Ayase-252