node.jssoap-clienthttp-status-code-403pfxnode-soap

Node soap ClientSSLSecurityPFX - 403 Forbidden


I'm trying to connect to a SOAP service with node-soap but getting 403 - Forbidden.

I have a pfx file and a password and I'm trying:

var pfx = fs.readFileSync(path.join(__dirname, 'folder', 'my.pfx')); // pfx file is in the relative path './folder/my.pfx'
var password = 'mypassword';
var options = {
  strictSSL: true,
  rejectUnauthorized: false,
  hostname: myUrl,
  forever: true
};
var security = new soap.ClientSSLSecurityPFX(pfx, password, options);
var url = 'https://theservice.com/ApplicationService.svc?singleWsdl';
soap.createClient(url, function (err, client) {
  console.log(err);
  console.log(client);
  client.setSecurity(security);
});

But I get 403:

[Error: Invalid WSDL URL: https://theservice.com/ApplicationService.svc?singleWsdl

 Code: 403

 Response Body: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title>...

    client.setSecurity(security);
          ^    
TypeError: Cannot read property 'setSecurity' of undefined

I'm able to access the service via browser by installing pfx to the MacOS Keychain. So URL, pfx, password etc. should be ok.

Any ideas on what could be the issue and how to debug? Thanks!


Solution

  • I managed to connect by setting pfx and passphrase to options.wsdl_options:

      var options = {
        wsdl_options: {
          forever: true,
          rejectUnauthorized: false,
          strictSSL: false,
          pfx: fs.readFileSync(__dirname + '/folder/my.pfx'),
          passphrase: 'myPass'
        }
      };
      soap.createClient(myUrl, options, function (err, client) {
        console.log(err);
        console.log(client);
      });
    

    This way they end up to HTTP options and enable connecting with a client certificate.