jaredhanson / passport

Simple, unobtrusive authentication for Node.js.
https://www.passportjs.org?utm_source=github&utm_medium=referral&utm_campaign=passport&utm_content=about
MIT License

Error: SELF_SIGNED_CERT_IN_CHAIN #197

Open meandus opened 10 years ago

meandus commented 10 years ago
at OAuth2Strategy._createOAuthError (/home/www/mydomain.com/node_modules/passport-oauth/node_modules/passport-oauth2/lib/strategy.js:340:17)
at /home/www/mydomain.com/node_modules/passport-oauth/node_modules/passport-oauth2/lib/strategy.js:173:43
at /home/www/mydomain.com/node_modules/passport-oauth/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:162:18
at ClientRequest. (/home/www/mydomain.com/node_modules/passport-oauth/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:133:5)
at ClientRequest.EventEmitter.emit (events.js:95:17)
at CleartextStream.socketErrorListener (http.js:1547:9)
at CleartextStream.EventEmitter.emit (events.js:95:17)
at SecurePair. (tls.js:1375:19)
at SecurePair.EventEmitter.emit (events.js:92:17)
at SecurePair.maybeInitFinished (tls.js:968:10)

How can I disable the SSL check, and/or how can I provide the CA root certificate and intermediary certificate to validate the whole chain?

Thanks in advance,

jaredhanson commented 10 years ago

What version of node are you running, and which OAuth provider are you using?

meandus commented 10 years ago

node -v v0.10.21

The OAuth provider is a custom OAuth 2.0 provider from FOSOAuthServerBundle (SSL is provided by CaCert).

meandus commented 10 years ago

It works with standard HTTP but not using SSL CaCert.

jaredhanson commented 10 years ago

The details for using self-signed certificates are detailed on Node's HTTPS API. There may be some plumbing/patching required to make the underlying node-oauth module use those options.

I feel a moral duty not to tell people how to disable SSL checks. I'm sure that information is easily Googled.

jaredhanson commented 10 years ago

Also, if you set up the CA-related options to HTTPS, please update this ticket with details. I want to make sure Passport supports this well.

meandus commented 10 years ago

I read about the HTTPS API. They explain how to provide a certificate for the server side. But I use passport on my client side, and communication between the client and the OAuth server uses https. I have the ROOT CaCert in my /etc/ssl/certificates on the Debian server hosting the oauth client. I would like to know if it's possible to read all certificates in this directory using passport without modifying the package.

jaredhanson commented 10 years ago

No, that won't be possible. Your application logic will have to read directories and then call modules using the API they expose.

Passport will not ever read or write files on its own.

meandus commented 10 years ago

Hi,

How can I override passport to use the CA.crt needed to validate the server certificate?

http://www.benjiegillam.com/2012/06/node-dot-js-ssl-certificate-chain/

jaredhanson commented 10 years ago

Please reread the HTTPS API. It details usage of certificates and certificate authorities for client requests (as well as server requests).

As I mentioned, there may be some plumbing to do to get these options down to the oauth library from Passport. If you try it and find that to be the case, please provide details and a patch or suggested solution.
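Added example, not code from Passport or from anyone in this thread: one way application code can read a directory of CA certificates and pass them to Node's HTTPS client through the `ca` option while leaving verification on. The function names, file extensions and directory layout are assumptions, and the sample PEM bodies are constructed placeholders rather than real certificates.

```javascript
'use strict';
const fs = require('fs');
const os = require('os');
const path = require('path');
const tls = require('tls');
const https = require('https');

const PEM_CERT = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g;

// Hypothetical helper: collect every certificate block from the .pem/.crt
// files in `dir`. One file may hold several blocks (root plus intermediates).
function loadCaCertificates(dir) {
  const certs = [];
  for (const name of fs.readdirSync(dir).sort()) {
    if (!/\.(pem|crt)$/i.test(name)) continue; // skip unrelated files
    const text = fs.readFileSync(path.join(dir, name), 'utf8');
    certs.push(...(text.match(PEM_CERT) || []));
  }
  // Fail closed: an empty list must not silently fall back to other trust.
  if (certs.length === 0) throw new Error(`no CA certificates found in ${dir}`);
  return certs;
}

// Hypothetical helper: build an Agent that trusts the private CA.
// Passing `ca` REPLACES Node's built-in trust store, so the bundled roots are
// appended unless the caller wants to trust the private CA only.
function createTrustedAgent(dir, { includeDefaults = true } = {}) {
  const ca = loadCaCertificates(dir);
  if (includeDefaults) ca.push(...tls.rootCertificates);
  return new https.Agent({ ca, rejectUnauthorized: true });
}

// Constructed sample input: placeholder bodies, not real certificates.
function writeSampleDir() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'ca-'));
  const fake = (body) =>
    `-----BEGIN CERTIFICATE-----\n${body}\n-----END CERTIFICATE-----\n`;
  fs.writeFileSync(path.join(dir, 'root.crt'), fake('AAAA'));
  fs.writeFileSync(path.join(dir, 'chain.pem'), fake('BBBB') + fake('CCCC'));
  fs.writeFileSync(path.join(dir, 'README.txt'), 'ignored');
  return dir;
}

// Usage with a real CA directory:
//   const agent = createTrustedAgent('/path/to/ca-dir');
//   https.request({ host, path: '/token', method: 'POST', agent }, onResponse);
```

Whether such an agent reaches the requests made by the underlying OAuth library depends on the plumbing discussed above. On current Node releases the `NODE_EXTRA_CA_CERTS` environment variable extends the default trust store for the whole process without code changes.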