问题
I have an https server running on nginx. Nginx contains two server blocks. Both of them uses different keys and certificates. These are self signed certificates provided by a CA.
Block 1: (Default block)
listen 443 ssl;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_certificate /etc/opt/cde/.nginx/cert.pem;
ssl_certificate_key /etc/opt/cde/.nginx/key.pem;
Block 2:
server_name example.com www.example.com
server_names_hash_bucket_size 64;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_certificate /etc/opt/abc/.nginx/certificate.pem;
ssl_certificate_key /etc/opt/abc/.nginx/key.key;
ssl_client_certificate /etc/opt/abc/.nginx/caBundle.pem;
Server two has a name abc.com. I want to make an https request to server abc.com. The ip of host machine is something i.e. 10.1.1.36. If I make a http request with hostname=10.1.1.36 , the request goes to the default server in nginx, hence the https certificate validation fails. How can I make a request which will go to the ip but with host name as example.com, so it lands on second server block on nginx?
With curl, this request can be made using --resolve option.
curl --cacert cabundle.crt --cert certificate.pem --cert-type PEM --key privatekey.prv --pass passphrase --key-type PEM --resolve example.com:443:10.1.1.36 https://example.com:443/api/v1/authdata -k GET
How can I achieve this using nodejs https request module?
var options = {
hostname: hostname,
//host: hostname,
port: 443,
path: path,
method: method,
headers: requestHeaders,
ca: fs.readFileSync("C:\\cabundle.crt"),
key: fs.readFileSync("C:\\privatekey.prv"),
cert: fs.readFileSync("C:\\certificate.pem"),
passphrase: "passphrase"
};
var req = https.request(options, function(res){});
来源:https://stackoverflow.com/questions/52838122/curl-resolve-equilant-in-nodejs-fake-the-hostname-of-an-ip