Running The Server

node server.js

References

1. Spring Boot
2. TLS Client Authentication
3. nodejs
4. https://codeburst.io/mutual-tls-authentication-mtls-de-mystified-11fa2a52e9cf
5. https://medium.com/@salarai.de/how-to-enable-mutual-tls-in-a-sprint-boot-application-77144047940f

Step 1 - Generate certifcate autority using openssl

Generate CA certificate

Here, Common name is BCC

openssl req \
  -new \
  -x509 \
  -nodes \
  -newkey rsa:2048\
  -days 365 \
  -subj '/CN=bcc' \
  -keyout ca.key \
  -out ca.crt

Generate Server Certificate

Generate Server Key

openssl genrsa \
  -out server.key 2048

Generate CSR

Here common name is localhost

openssl req \
  -new \
  -key server.key \
  -subj '/CN=localhost' \
  -out server.csr

Generate Signed Certificate

openssl x509 \
  -req \
  -in server.csr \
  -CA ca.crt \
  -CAkey ca.key \
  -CAcreateserial \
  -days 365 \
  -out server.crt

Generate Client Certificate

Generate Client Key

openssl genrsa \
  -out client.key 2048

Generate CSR

Here common name is client's name

openssl req \
  -new \
  -key client.key \
  -subj '/CN=torsho' \
  -out client.csr

Generate Signed Certificate

openssl x509 \
  -req \
  -in client.csr \
  -CA ca.crt \
  -CAkey ca.key \
  -CAcreateserial \
  -days 365 \
  -out client.crt

Testing the server

curl \
  --cacert ca.crt \
  --key client.key \
  --cert client.crt \
  https://localhost:3000