1'use strict'; 2const common = require('../common'); 3const assert = require('assert'); 4 5if (!common.hasCrypto) 6 common.skip('missing crypto'); 7 8const https = require('https'); 9const fixtures = require('../common/fixtures'); 10 11const options = { 12 key: fixtures.readKey('agent1-key.pem'), 13 14 // NOTE: Certificate Common Name is 'agent1' 15 cert: fixtures.readKey('agent1-cert.pem'), 16 17 // NOTE: TLS 1.3 creates new session ticket **after** handshake so 18 // `getSession()` output will be different even if the session was reused 19 // during the handshake. 20 secureProtocol: 'TLSv1_2_method' 21}; 22 23const ca = [ fixtures.readKey('ca1-cert.pem') ]; 24 25const server = https.createServer(options, function(req, res) { 26 res.end('ok'); 27}).listen(0, common.mustCall(function() { 28 const port = this.address().port; 29 30 const req = https.get({ 31 port, 32 path: '/', 33 ca, 34 servername: 'nodejs.org', 35 }, common.mustNotCall(() => {})); 36 37 req.on('error', common.mustCall((err) => { 38 assert.strictEqual( 39 err.message, 40 'Hostname/IP does not match certificate\'s altnames: ' + 41 'Host: nodejs.org. is not cert\'s CN: agent1'); 42 43 const second = https.get({ 44 port, 45 path: '/', 46 ca, 47 servername: 'nodejs.org', 48 }, common.mustNotCall(() => {})); 49 50 second.on('error', common.mustCall((err) => { 51 server.close(); 52 53 assert.strictEqual( 54 err.message, 55 'Hostname/IP does not match certificate\'s altnames: ' + 56 'Host: nodejs.org. is not cert\'s CN: agent1'); 57 })); 58 })); 59})); 60