After upgrade from nodejs 9.11.2 to 10.15.3 on centos 7.5 certificates that signed by local CA stoped to work and failing on "unsupported certificate purpose" error.
Background: I have a cluster, the group of hosts that communicates with each other based on certificate authentication. All operations in the cluster pass through the master host (the host that you connected to, through the GUI), the master functions as gateway to the other hosts in a cluster and to itself . When I add ether new host or master to a cluster, the request passes from the GUI through the master to the new host or to the master itself. Each host acts both as server and client.
When I upgrade hosts to nodejs 10 version, the connection between the hosts is failing on "unsupported certificate purpose" error. Back to nodejs 9 works good.
Do you know any certificates restrictions in v10?
CA certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1557985050622892742 (0x159f132623bf1ac6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=max-ca-creator, C=US
Validity
Not Before: May 16 05:37:30 2019 GMT
Not After : May 13 05:37:30 2029 GMT
Subject: CN=max-ca-creator, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d8:99:07:f0:7e:49:60:cb:40:f3:f4:c5:9b:24:
a9:46:18:6b:e6:c5:cb:a9:df:1c:c5:f9:45:bb:56:
fc:79:5b:85:16:46:79:73:45:a9:6a:3a:aa:ee:e7:
75:a0:a6:22:32:a0:1f:19:f4:2d:03:f9:61:dd:30:
1b:f9:9e:82:68:5a:06:f1:f1:c3:09:ac:85:96:ea:
b9:b9:df:12:3b:c1:27:e4:85:87:81:82:c0:b1:08:
ed:9b:c0:37:b2:3c:d1:92:df:11:63:ad:45:2d:2c:
28:72:50:e4:c2:4e:bb:83:fb:07:b9:7b:59:15:9e:
77:62:8c:e2:fb:aa:f5:66:91:58:b3:b5:60:d2:82:
81:1e:b6:3d:71:a0:76:f9:f6:f6:b3:19:b0:c7:e0:
13:52:4a:60:8f:9a:71:7f:ce:e8:4e:90:47:f3:f2:
1f:fc:61:15:47:7c:4c:a3:3b:16:0b:19:5c:22:a3:
73:5c:04:49:08:bb:eb:7e:d1:45:8f:a9:f7:e5:28:
e0:0c:43:24:36:07:02:76:4f:f0:a7:e6:b8:e1:0f:
d0:5a:1b:73:9c:a8:1f:f6:7d:25:11:16:24:17:15:
5e:12:c2:cb:8e:a5:2d:3c:e2:d7:a4:fc:65:c1:cf:
3f:b8:e9:3b:a6:ba:36:49:5c:4f:fa:f2:a8:80:9d:
26:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Extended Key Usage:
OCSP Signing
X509v3 Subject Key Identifier:
9E:1A:02:D0:F9:02:66:CE:3E:28:97:3C:09:40:CF:F9:5B:54:2A:84
X509v3 Authority Key Identifier:
keyid:9E:1A:02:D0:F9:02:66:CE:3E:28:97:3C:09:40:CF:F9:5B:54:2A:84
DirName:/CN=max-ca-creator/C=US
serial:15:9F:13:26:23:BF:1A:C6
Signature Algorithm: sha256WithRSAEncryption
0a:9a:e0:0b:dd:d1:b8:82:69:04:0e:05:ae:c4:ac:f7:d9:94:
55:bf:32:df:bc:f1:4f:7b:b3:59:7f:ea:e6:a6:d4:dd:19:e1:
c5:06:b3:a2:69:49:5c:ab:ee:77:e8:09:42:3f:d4:8d:92:78:
1d:27:69:50:69:62:b3:bb:d3:2f:02:f2:55:d2:1c:19:ce:a4:
6a:06:37:1b:f6:21:63:cd:0c:93:11:5d:14:00:1f:22:ce:2e:
75:03:33:0b:ad:4a:9a:85:60:c0:94:cd:45:89:94:06:36:4c:
10:5d:45:4a:ca:29:3a:2c:c7:f5:ed:35:4e:f3:7c:05:48:74:
5c:c6:e7:2b:20:19:99:96:f2:9a:02:53:f1:4f:fd:37:77:f6:
b7:a5:f5:fc:97:9f:da:70:7e:e2:21:7a:9f:e3:5b:9f:62:03:
97:42:7b:b4:25:66:73:06:91:88:59:6a:33:08:7b:2a:af:ff:
c2:be:78:e4:15:4f:4e:9b:ca:da:fd:2c:cd:1d:41:5d:3c:69:
ac:ac:b0:fb:d0:b8:55:d1:fa:4a:5d:cc:03:1f:00:c1:80:4d:
99:eb:e4:ad:1c:ba:c6:7c:db:d6:bd:89:c8:05:ba:a3:ec:ab:
f4:b8:a9:8e:70:42:99:48:4c:e4:8c:20:c4:a4:e7:45:32:06:
ef:02:67:b4
Signed certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1558543969701986830 (0x15a10f7ba0ea020e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=max-ca-creator, C=US
Validity
Not Before: May 22 16:52:49 2019 GMT
Not After : May 11 16:52:49 2029 GMT
Subject: C=IL, ST=Israel, L=Herzeliya, O=NetApp.com, OU=IT Department, CN=vsadmin/emailAddress=support@netapp.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bc:dd:6a:6a:f4:ed:79:69:c3:fd:71:d5:35:dc:
6a:5c:50:7e:47:c7:bd:36:89:60:b3:e7:b0:16:0b:
d8:d6:e2:bf:98:77:12:37:3e:0a:6f:6b:17:f9:9b:
a7:c6:97:c6:43:a5:05:e7:73:9a:55:4d:13:05:e3:
60:df:69:c5:21:ef:89:5c:e3:76:b3:00:02:f5:a1:
97:99:db:07:90:3b:8e:28:51:df:f1:81:0f:d7:b8:
b8:23:2b:15:c6:fe:74:df:14:58:e1:20:48:7e:76:
da:29:25:9c:9e:85:f2:7d:c2:43:0f:2f:d3:d8:55:
40:ab:e6:96:e0:dd:12:01:0e:33:4d:ae:b1:0d:c8:
43:85:43:d8:fe:85:f3:9d:c9:d0:7e:89:17:f6:9b:
2f:99:5c:4c:4b:34:86:2b:52:97:5e:03:75:99:9d:
4b:77:09:28:97:67:87:2b:74:15:69:ed:d2:c2:dd:
3e:0f:0a:65:f8:f9:78:04:f6:ef:8e:eb:16:73:de:
f6:85:e6:ae:34:3c:ff:93:f7:9b:4d:d7:de:26:d8:
b7:75:60:7c:ea:55:e2:e1:80:04:d0:10:07:7e:e2:
97:dd:5f:ee:39:1c:ca:d9:58:55:b8:6e:92:03:1e:
db:1c:57:ab:f3:24:d6:b2:3c:5f:b7:08:3c:dc:68:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage: critical
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Alternative Name:
DNS:cluster-centos03.plexistor.com, IP Address:10.68.216.123
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
CA:18:61:1C:58:97:E7:79:FE:5F:5E:36:83:88:A4:BE:2C:C3:41:FE
X509v3 Authority Key Identifier:
keyid:9E:1A:02:D0:F9:02:66:CE:3E:28:97:3C:09:40:CF:F9:5B:54:2A:84
Signature Algorithm: sha256WithRSAEncryption
c4:18:74:53:12:71:87:2f:29:6a:79:d6:2f:80:42:13:b2:f1:
93:b3:f2:2e:99:60:25:d3:82:db:73:2b:39:74:70:fb:67:5b:
f3:c8:a9:03:e8:9f:f0:f3:aa:e4:54:58:93:d5:33:21:57:2d:
1e:31:a3:fc:3a:60:93:38:7a:58:e1:15:f0:10:eb:b5:32:64:
ec:56:99:f7:87:d7:df:fd:ee:a0:4a:79:3d:d6:57:bf:4f:37:
27:56:a5:4e:0a:b3:d7:17:49:cc:26:86:17:61:4e:55:e3:d7:
ee:f1:2c:cf:19:50:4d:98:c0:17:c9:ca:4b:cc:ee:02:92:a7:
4c:50:b9:d5:3f:56:92:59:d4:60:f5:06:a5:89:89:f7:2a:a5:
fe:71:f5:c0:49:7d:c7:02:8e:77:2f:6e:85:a1:4b:98:68:77:
3f:52:aa:c6:e3:1b:48:1d:e5:21:d2:77:1c:b0:90:e5:bf:f6:
0d:10:df:ba:b7:70:55:65:4b:6b:32:37:9e:fe:6f:55:de:91:
82:0b:ac:c8:9a:4b:b1:b0:14:00:96:c3:36:a4:7b:9e:20:c4:
75:67:fe:1b:56:ad:39:60:04:e6:e8:fd:95:62:5b:5b:4f:04:
e4:20:e9:22:26:85:1f:e1:0a:97:0e:ae:53:71:2c:60:e9:3b:
d4:d1:23:6a
How to prevent a token created with OAuth 2.0 from expiring?
I have a docker-compose file like:
I'm fairly new to Gatsby and React, but I'm looking to deploy the static assets generated by a Gatsby build on an Express serverIf I import the Public folder generated by 'gatsby build' into the server directory, and use the following code:
I am receiving an internal server error now that my app is deployed to herokuAll was working fine locally
I'm trying to construct a response in which two database calls are requiredCurrently I'm having trouble with Node