search

SAP-docs / btp-cloud-platform

Markdown source for the SAP BTP documentation. Enables feedback and contributions to improve the documentation.
Creative Commons Attribution 4.0 International
51 stars 94 forks source link

Creating a new certificate does not explain that when using node.js legacy openSSL has to be activated due to old chiffre #212

Closed schiwekM closed 6 months ago

schiwekM commented 6 months ago

Issue description

Hi colleagues,

when following the steps from the docu it is explained how to create the pem certificate file, etc.

However one error I did run into is, that when using Node.js 17 and above the error

{"response":"Response: \n Error: unsupported\n    at configSecureContext (node:internal/tls/secure-context:280:15)\n    at Object.createSecureContext (node:_tls_common:117:3)\n    at Object.connect (node:_tls_wrap:1691:48)\n    at Agent.createConnection (node:https:150:22)\n    at Agent.createSocket (node:_http_agent:341:26)\n    at Agent.addRequest (node:_http_agent:288:10)\n    at new ClientRequest (node:_http_client:342:16)\n    at Object.request (node:https:358:10)\n    at RedirectableRequest._performRequest (/home/vcap/deps/0/node_modules/follow-redirects/index.js:284:24)\n    at new RedirectableRequest (/home/vcap/deps/0/node_modules/follow-redirects/index.js:66:8)","error":{}}

is thrown. When setting the env variable NODE_OPTIONS=--openssl-legacy-provider than it works fine.

This is because of the issue described in https://github.com/nodejs/node/issues/40672 that RC2 is disabled with OpenSSL 3.0. When checking with the command mentioned over there the the cert also had Encrypted data: pbeWithSHA1And40BitRC2-CBC

Please either add the note that legacy open SSL has to be enabled or ideally that the Destination service does not use the technically broken cipher.

Thanks for having a look & BR, Marten

Feedback Type (Optional)

content gaps

Page Title on SAP Help Portal (prefilled)

Using Mutual Transport Layer Security (mTLS)

Page URL on SAP Help Portal (prefilled)

https://help.sap.com/docs/btp/sap-business-technology-platform/using-mutual-transport-layer-security-mtls?version=Cloud#loioe90cafcd92a54d1cba7d7fa049f674fa

Peteva commented 6 months ago

Thank you for your valuable feedback! We will look into it and come back to you if we have any questions.

ekaterina-mitova commented 6 months ago

Hi @schiwekM, This is not a documentation issue, it's rather something that the Destination service team needs to look into. It would be best if you open a case in the BC-CP-DEST-CF component so the colleagues can investigate further.

nikolasimeonov77 commented 6 months ago

Hi there 👋 This repository is only used to review feedback on documentation. Please use other more appropriate channels to report problems with the product, service, or tool being described (such as the SAP Community Q&A and the SAP Support Portal). See also our Dos and Don'ts.