I used OpenSSL to generate a certificate with the following steps:

~/openssl genrsa -out server.key 2048
~/openssl req -new -x509 -key server.key -out server.crt -days 730

And then loaded these files into node.js:

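// Modules used by the snippet
var fs = require('fs');
var https = require('https');
var express = require('express');

// PEM-encoded private key and self-signed certificate generated above
var privateKey  = fs.readFileSync('./server.key', 'utf8');
var certificate = fs.readFileSync('./server.crt', 'utf8');
var credentials = {
    key: privateKey,
    cert: certificate
};
var app = express();
// Serve the Express app over TLS with these credentials
var httpsServer = https.createServer(credentials, app);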

This way, my server was running as expected. But in Chrome, when I click View Site Information, it was saying that I use an "obsolete cipher suite".
So I checked Google's certificate, and it was saying a "modern cipher suite".
The only difference between my self-signed certificate and Google's was the Key Exchange Algorithm, which was RSA on my side and ECDHE_ECDSA on Google's side. So I decided to create a new certificate using:

~/openssl ecparam -name prime256v1 -genkey -param_enc explicit -out server.key
~/openssl req -new -x509 -key server.key -out server.crt -days 730

Files are created, and node.js gives no error about anything. But when I try to connect to server, my browser simply closes the connection (ERR_CONNECTION_CLOSED) with no indication of error on both server and client side.

I tried different private keys with different parameters but no luck. A simple error message somewhere would help a lot, but I've been stuck for hours Googling about how to create Modern Ciphers, trying those out and ending up with nothing.

So my question is, how am I supposed to create a self-signed strong/modern cipher (with openssl) that can work with Node.js https module?

  • Please include your node.js version in your question. – Ash Feb 07 '16 at 05:49
  • The cipher suite is (mainly) unrelated to the certificate but depends on the configuration of the TLS stack. See http://stackoverflow.com/questions/30270788/obsolete-cryptography-warning-from-browser/30271668#30271668 – Steffen Ullrich Feb 07 '16 at 07:40

0 Answers
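An added example, not part of the question or its comments: the `-param_enc explicit` option in the `ecparam` command above writes the full curve parameters into the key instead of a named-curve OID, and RFC 5480 requires the named-curve form for public keys in certificates, so TLS clients may reject the explicit form. The Node.js sketch below classifies the encoding in a DER-encoded SubjectPublicKeyInfo; `readTlv`, `ecParamEncoding` and `sampleSpki` are hypothetical helper names, and the sample keys are generated on the spot.

```javascript
const crypto = require('crypto');

// Content bytes of OID 1.2.840.10045.2.1 (id-ecPublicKey)
const ID_EC_PUBLIC_KEY = '2a8648ce3d0201';

// Read one DER tag-length-value header at `pos`; return the tag and value range.
function readTlv(buf, pos) {
  const tag = buf[pos];
  let len = buf[pos + 1];
  let start = pos + 2;
  if (len & 0x80) {                 // long form: low 7 bits = count of length bytes
    const n = len & 0x7f;
    len = 0;
    for (let i = 0; i < n; i++) len = (len << 8) | buf[start + i];
    start += n;
  }
  if (start + len > buf.length) throw new Error('truncated DER');
  return { tag, start, end: start + len };
}

// Classify the ECParameters CHOICE inside a SubjectPublicKeyInfo.
function ecParamEncoding(spkiDer) {
  const spki = readTlv(spkiDer, 0);           // SubjectPublicKeyInfo SEQUENCE
  const alg = readTlv(spkiDer, spki.start);   // AlgorithmIdentifier SEQUENCE
  const oid = readTlv(spkiDer, alg.start);    // algorithm OID
  if (spki.tag !== 0x30 || alg.tag !== 0x30 || oid.tag !== 0x06) {
    throw new Error('not a SubjectPublicKeyInfo');
  }
  if (spkiDer.subarray(oid.start, oid.end).toString('hex') !== ID_EC_PUBLIC_KEY) {
    return 'not-ec';
  }
  if (oid.end >= alg.end) return 'absent';
  switch (readTlv(spkiDer, oid.end).tag) {
    case 0x06: return 'named';      // namedCurve OID (the form RFC 5480 requires)
    case 0x30: return 'explicit';   // specifiedCurve: full ECParameters SEQUENCE
    case 0x05: return 'implicit';   // implicitCurve NULL
    default: return 'unknown';
  }
}

// Constructed sample input: a fresh P-256 public key in the requested encoding.
function sampleSpki(paramEncoding) {
  return crypto.generateKeyPairSync('ec', {
    namedCurve: 'prime256v1',
    paramEncoding,
    publicKeyEncoding: { type: 'spki', format: 'der' },
  }).publicKey;
}

for (const enc of ['named', 'explicit']) {
  const der = sampleSpki(enc);
  console.log(enc, '->', ecParamEncoding(der), `(${der.length} bytes)`);
}
```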