Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to load PFX certificate with tlsOptions + workers #391

Closed
gpathak18 opened this issue Sep 11, 2021 · 7 comments · Fixed by #400
Closed

Unable to load PFX certificate with tlsOptions + workers #391

gpathak18 opened this issue Sep 11, 2021 · 7 comments · Fixed by #400
Labels
bug good first issue

Comments

@gpathak18
Copy link

Example config -

const instance = autocannon({ url: 'https://localhost:8080', connection: 10, workers: 3, tlsOptions: { pfx: fs.readFileSync('path/of/p12/keystore') passphrase: 'test' } }

When I use this config. I get 'Error: Unable to load PFX certificate'

This config works when I don't use 'workers' option.
@mcollina
Copy link
Owner

Good spot! There has to be some issues problem when sending the certificate over to the worker.

Would you like to send a Pull Request to address this issue? Remember to add unit tests.

@radomird
Copy link
Contributor

radomird commented Oct 12, 2021
edited
Loading

@mcollina I took some time to investigate this issue and the problem is not with sending the certificate to the worker, that works fine. Problem is with the certificate being, incorrectly, converted from a typed array Uint8Array to an object. This is done by the clone library used to clone the opts in the httpClient.js file.

The clone library has an open issue about this, but there has been no activity on it, since it was opened in 2016.

What do you think, should we replace the library with something like lodash.clonedeep?

I've tested with two approaches:

  • using the lodash.clonedeep lib
  • replacing clone(opts) with Object.assign({}, opts)

They both work - however, with Object.assign we would have to be careful as it's not deep cloning the object (as opposed to the approach to use a library).

@gpathak18
Copy link
Author

gpathak18 commented Oct 12, 2021
edited
Loading

Sorry for being late to add this but I found a workaround until the problem is fixed.

tlsOptions: { cert: fs.readFileSync('path/of/cert/in/pem/format').toString('utf8'), key: fs.readFileSync('path/of/key/in/pem/format').toString('utf8') }

so P12 keystore can be converted to PEM format cert and key which can be supplied to tlsOptions option.

@mcollina
Copy link
Owner

I think we can use the v8 serializer/deserializer combo: https://nodejs.org/dist/latest-v16.x/docs/api/v8.html#v8_v8_serialize_value.

@radomird
Copy link
Contributor

@mcollina While the approach, you mentioned, will work in this use case and will solve the problem, unfortunately it will not work in other cases when there might be some options/configs that are functions.

I've tried your proposed solution:

const cloneDeep = obj => v8.deserialize(v8.serialize(obj))

but the tests are failing.

The reason that this approach (called "The structured clone algorithm") will not work (and the reason why tests fail) is that the Function objects can't be duplicated. See the MDN docs explaining this.

I think the best option would be to just use lodash.clonedeep. What do you think?

@mcollina
Copy link
Owner

go with that!

radomird added a commit to radomird/autocannon that referenced this issue Oct 13, 2021
@radomird
Replaced 'clone' library with 'lodash.clonedeep' mcollina#391
4e46271
@radomird radomird mentioned this issue Oct 13, 2021
Merged
@radomird
Copy link
Contributor

@mcollina & @gpathak18 I've created a PR, please review when you have time. Thanks.

mcollina pushed a commit that referenced this issue Oct 15, 2021
@radomird
Replaced 'clone' library with 'lodash.clonedeep' (#400)
11192ce 
* Replaced 'clone' library with 'lodash.clonedeep' #391

* Removed wrong pkcs12 file

* Added the right pkcs12 file

* Fixed a typo in the hostname for the secure connection
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug good first issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Replaced 'clone' library with 'lodash.clonedeep' radomird/autocannon
3 participants
@mcollina @gpathak18 @radomird