I am trying to setup a https server for local development.I am using a Windows 10 machine . I have generated a self signed Certificate using openssl. I used the following commands.
openssl genrsa -out key.pem
openssl req -new -key key.pem -out csr.pem
openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
rm csr.pem
This is demo Server code (NodeJS) which outputs "hello world".
const https = require('https');
const fs = require('fs');
const options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem')
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(8000);
I have accessed the URL from command prompt using curl command
curl https://localhost:8000
I am getting the error as
curl: (35) schannel: SNI or certificate check failed: SEC_E_WRONG_PRINCIPAL (0x80090322) - The target principal name is incorrect.
I have added the self signed certificated in the "Trusted root certificate authority" store using the "Microsoft management Console (mmc)". This is my Certificate image.
I don't understand where i am going wrong. Please help me solve this issue.
The Common Name (CN) in your certificate is "myown digital certificate" while it should be "localhost". Recreate the CSR and explicitly set the CN like so
openssl req -new -key key.pem -subj "/CN=localhost" -out csr.pem