Nodejs SSL using CloudFlare not working over https

0
votes

So the problem I'm having is that the client won't connect with the server.js when the server.js is using https.

if I go to "https://mydomainame.com" I get this error in the console of every other browser than brave browser index.js:83 GET https://serverip:8081/socket.io/?EIO=3&transport=polling&t=NK0oCD6 net::ERR_CERT_AUTHORITY_INVALID enter image description here

(The blacked out is the IP address of the server) the weird thing is that in the brave browser the domain changes to "http://mydomainame.com" and the client then is connected to server.js
enter image description here

I'm using free Cloudflare with Full end to end encryption enter image description here

server.js code:

var express = require('express'),
https = require('https');
var app = express();
var fs = require('fs');
var httpsOptions = { 
    key: fs.readFileSync('/var/www/ssl/sitename.com.key'),
    cert: fs.readFileSync('/var/www/ssl/sitename.com.pem')};
var server = https.createServer(httpsOptions,app);
var io = require('socket.io').listen(server);

const port = 8081;
server.listen(port);

And client.js connection code:

socket = io.connect('https://serverip:8081', {secure: true});

I am using the same Origin Certificates for the server and for the nodejs code. The server is using Apache2 with PHPMyAdmin and is configured to make the domain only work using https.

I read somewhere something Cloudflare not being able to use other ports than 443 and some other but I did not really understand it, And I can't get the server.js to work over port 443.

I'm thankful for any information or help I can get! :)

1
node.jshttpssocket.iossl-certificatecloudflare
Yes CloudFlare does not support non-443 ports, and your client code is not connecting to CF either, you are connecting directly to serverip which is the origin server. In this case, nodejs will serve the CF origin certificate to your browser, and since the origin certificate is for specific use with CF, your browser will report certificate error.Eric Wong
Oh okay. What do you recommend I should do? make the node code use port 443 and connect thru it using the CF IP address. if that is even possible. or should I get a different Certificate for the node code? I'm kind of new to all this stuff! Tnx for the reply :)Chicken V2
yes, make your nodejs listen on 443 is the way to goEric Wong
@EricWong I Checked this article [Cloudflare article ](support.cloudflare.com/hc/en-us/articles/…) and it says that they also alow a few other ports over https. So when I changed in my code to port 8443. And also changed socket = io.connect('https://domainname.com:8443', {secure: true}); and now I get this error in the console link to imgChicken V2
is your site running on domainname.com default port 80 or 443? you are seeing CORS problems which is whole other topicEric Wong

1 Answers

2
votes

So I figured it out, big thanks to Eric Wong for pointing out the biggest problem that I was trying to connect to the server using its IP there for not going thru Cloudflare.

Then in this article Identifying network ports compatible with Cloudflare's proxy you can see what ports Cloudflare allows connections on then, I have changed my code. I used the https port 8443

socket = io.connect('https://domainname.com:8443',{secure: true});

then the only thing I had to do was to port forward the new port and everything worked fine!