I am trying to load in a PFX and passphrase from a file so that I can make a HTTPS request. Before I start, I already know that the PFX is good and that is not the issue.
I am doing the following:
config.options.pfx = fs.readFileSync('file.pfx');
config.options.passphrase = 'passphrase';
I am passing my options into an agent.
config.options.agent = new https.Agent(options);
I then try to build the rquest where I get the following error:
crypto.js:143
c.context.loadPKCS12(pfx, passphrase);
^
Error: header too long
at Object.exports.createCredentials (crypto.js:143:17)
at Object.exports.connect (tls.js:1334:27)
at Agent.createConnection (https.js:79:14)
at Agent.createSocket (http.js:1293:16)
at Agent.addRequest (http.js:1269:23)
at new ClientRequest (http.js:1416:16)
at Object.exports.request (https.js:123:10)
I checked this out from a work repository where I know that this works for the original author of it. For some reason my set-up is not running it, though.
I am trying to load in a PFX and passphrase from a file so that I can make a HTTPS request. Before I start, I already know that the PFX is good and that is not the issue.
I am doing the following:
config.options.pfx = fs.readFileSync('file.pfx');
config.options.passphrase = 'passphrase';
I am passing my options into an agent.
config.options.agent = new https.Agent(options);
I then try to build the rquest where I get the following error:
crypto.js:143
c.context.loadPKCS12(pfx, passphrase);
^
Error: header too long
at Object.exports.createCredentials (crypto.js:143:17)
at Object.exports.connect (tls.js:1334:27)
at Agent.createConnection (https.js:79:14)
at Agent.createSocket (http.js:1293:16)
at Agent.addRequest (http.js:1269:23)
at new ClientRequest (http.js:1416:16)
at Object.exports.request (https.js:123:10)
I checked this out from a work repository where I know that this works for the original author of it. For some reason my set-up is not running it, though.
Share Improve this question asked Jun 24, 2014 at 17:14 JoeJoe 6812 gold badges8 silver badges17 bronze badges 2- 2 A hint: pfx is just a PKCS12 version bastardized by MS, so some crypto tools work with pfx while others - don't. try generating native PKCS12 or transform pfx to PKCS12 using openssl tool. – Oleg Gryb Commented Jun 24, 2014 at 17:20
- I got exactly the same problem with a valid PFX (PKCS12) file, with no solution. Have you solved it? – Montegasppα Cacilhας Commented Apr 23, 2020 at 0:33
2 Answers
Reset to default 21I had a similar issue. It turned out I was using fs.readFileSync('file.pfx', 'utf8'), which is correct for PEM files, but since PKCS12 files are binary, you should just pass in fs.readFileSync('file.pfx').
I had the same problem but in my case i was using
pfx: fs.readFileSync('certs/keystore.p12')
In my case, the problem was that the pfx I was using was not correctly generated from the jks. Exporting with keytool was the right solution
keytool -v -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -deststoretype PKCS12