Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TLS config does not work with NodeJS 18.x.x #1428

Closed
1 of 3 tasks
TheEngineerGuy opened this issue Nov 1, 2022 · 23 comments
Closed
1 of 3 tasks

TLS config does not work with NodeJS 18.x.x #1428

TheEngineerGuy opened this issue Nov 1, 2022 · 23 comments
Labels

Comments

@TheEngineerGuy
Copy link

Describe The Bug

HB-UI TLS config Works perfectly fine with NodeJS <=16.x.x

If you update the NodeJS to 18.x.x HB-UI only works without TLS.

Logs

[HB Supervisor] ERROR: The user interface threw an unhandled error
Error: unsupported
    at configSecureContext (node:internal/tls/secure-context:277:15)
    at Object.createSecureContext (node:_tls_common:117:3)
    at Server.setSecureContext (node:_tls_wrap:1352:27)
    at Server (node:_tls_wrap:1211:8)
    at new Server (node:https:74:3)
    at Object.createServer (node:https:112:10)
    at getServerInstance (/usr/lib/node_modules/homebridge-config-ui-x/node_modules/fastify/lib/server.js:284:22)
    at createServer (/usr/lib/node_modules/homebridge-config-ui-x/node_modules/fastify/lib/server.js:15:18)
    at fastify (/usr/lib/node_modules/homebridge-config-ui-x/node_modules/fastify/fastify.js:185:30)
    at new FastifyAdapter (/usr/lib/node_modules/homebridge-config-ui-x/node_modules/@nestjs/platform-fastify/adapters/fastify-adapter.js:82:37)
    at bootstrap (/usr/lib/node_modules/homebridge-config-ui-x/dist/main.js:31723:22)
    at HomebridgeServiceHelper.runUi (/usr/lib/node_modules/homebridge-config-ui-x/src/bin/hb-service.ts:528:18)
    at HomebridgeServiceHelper.launch (/usr/lib/node_modules/homebridge-config-ui-x/src/bin/hb-service.ts:370:5)

Config

No response

Homebridge UI Version

v4.50.1

Homebridge Version

v1.5.1

Node.js Version

v 18.x.x

Operating System

Raspberry Pi OS / Raspbian

Environment Info

  • Using Docker?
  • Using Hyper-V?
  • Using hb-service?

Raspberry Pi Model

Raspberry Pi 4 B

@donavanbecker
Copy link
Contributor

donavanbecker commented Nov 1, 2022

Homebridge UI Version

v4.50.1

Homebridge Version

v1.5.1

Node.js Version

v 18.12.0

Operating System

macOS 13.0

Environment Info

  • Using Docker?
  • Using Hyper-V?
  • Using hb-service?

I am getting this too. Working on one setup, but not the other.

@github-actions
Copy link

github-actions bot commented Dec 2, 2022

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Dec 2, 2022
@TheEngineerGuy
Copy link
Author

Not stale, still an active issue.

@github-actions github-actions bot removed the stale label Dec 3, 2022
@github-actions
Copy link

github-actions bot commented Jan 2, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Jan 2, 2023
@TheEngineerGuy
Copy link
Author

Not stale. Still an active issue.

@github-actions github-actions bot removed the stale label Jan 3, 2023
@github-actions
Copy link

github-actions bot commented Feb 2, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Feb 2, 2023
@TheEngineerGuy
Copy link
Author

An active issue.

@github-actions github-actions bot removed the stale label Feb 3, 2023
@github-actions
Copy link

github-actions bot commented Mar 5, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Mar 5, 2023
@TheEngineerGuy
Copy link
Author

Not stale. Still an issue.

@github-actions github-actions bot removed the stale label Mar 6, 2023
@github-actions
Copy link

github-actions bot commented Apr 6, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Apr 6, 2023
@TheEngineerGuy
Copy link
Author

Not stale, still active issue.

@github-actions github-actions bot removed the stale label Apr 7, 2023
@github-actions
Copy link

github-actions bot commented May 7, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label May 7, 2023
@TheEngineerGuy
Copy link
Author

Not stale, still active issue.

@teemus21
Copy link

teemus21 commented May 7, 2023

This is probably due to the generated pfx p12 file using unsupported ciphers:

FiloSottile/mkcert#496

nodejs/node#40672

@github-actions github-actions bot removed the stale label May 8, 2023
@TheEngineerGuy
Copy link
Author

I checked. I am running SHA256 with RSA. None of these are deprecated to my knowledge.

@TheEngineerGuy
Copy link
Author

TheEngineerGuy commented May 12, 2023

Something interesting. Even though the key pair is packaged as PKCS#12, (in a p12 file), when HB-config-UI uses the cert it seems to tag the header as PKCS#1.

As visible in cert info: PKCS #1 SHA-256 With RSA Encryption

This could be the reason why new version of node, which maybe running additional check, might be complaining about header to cert mismatch, causing TLS to fail.

Just a super wild speculation, because I don't know the innerworkings of node, and HB-config-UI.

@github-actions
Copy link

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Jun 12, 2023
@TheEngineerGuy
Copy link
Author

Not stale, still active issue.

@github-actions github-actions bot removed the stale label Jun 13, 2023
@github-actions
Copy link

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Jul 14, 2023
@TheEngineerGuy
Copy link
Author

Not stale, still active issue.

@github-actions github-actions bot removed the stale label Jul 15, 2023
@github-actions
Copy link

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Aug 14, 2023
@TheEngineerGuy
Copy link
Author

Not stale, still active issue.

@github-actions github-actions bot removed the stale label Aug 15, 2023
@TheEngineerGuy
Copy link
Author

Found the solution, unless explicitly specified, RC2 was being used for packaging by openSSL 1.1.

Forced it to CBC using openssl pkcs12 -certpbe AES-256-CBC -inkey KEY_FILE.key -in CERT_FILE.crt -certfile PARENT_CERT.crt -export -out PFX_FILE.pfx.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants