[GH-ISSUE #40] https setup failing to start #23

New issue

Closed

opened 2026-03-03 16:03:46 +03:00 by kerem · 3 comments

kerem commented

2026-03-03 16:03:46 +03:00

Owner

Originally created by @mv5492 on GitHub (Feb 16, 2015).
Original GitHub issue: https://github.com/mthenw/frontail/issues/40

Hello, and thank you for frontail.

I'm trying to set up https. When I try to start a daemon I get this err:

_tls_common.js:108
c.context.setKey(options.key);
^
Error: error:0906A068:PEM routines:PEM_do_header:bad password read
at Error (native)
at Object.createSecureContext (_tls_common.js:108:19)
at Server (_tls_wrap.js:596:25)
at new Server (https.js:36:14)
at Object.exports.createServer (https.js:56:10)
at ServerBuilder.build (../node_modules/frontail/lib/server_builder.js:18:22)
at Object. (../node_modules/frontail/index.js:60:10)
at Module._compile (module.js:460:26)
at Object.Module._extensions..js (module.js:478:10)
at Module.load (module.js:355:32)

My certificates are not self-signed, but come from an authorized certificate provider. These are the key and certificate files as used by my Apache web server. Can these be inputs? I'm not sure how to deal with the password, unless that's my key passphrase.

SSLEngine on
SSLCertificateFile <path>/ssl/certs/dev.crt
SSLCertificateKeyFile <path>/ssl/certs/dev_private.key
SSLCertificateChainFile <path>/ssl/certs/intermediate.crt

Thanks, Mike

Originally created by @mv5492 on GitHub (Feb 16, 2015). Original GitHub issue: https://github.com/mthenw/frontail/issues/40 Hello, and thank you for frontail. I'm trying to set up https. When I try to start a daemon I get this err: _tls_common.js:108 c.context.setKey(options.key); ^ Error: error:0906A068:PEM routines:PEM_do_header:bad password read at Error (native) at Object.createSecureContext (_tls_common.js:108:19) at Server (_tls_wrap.js:596:25) at new Server (https.js:36:14) at Object.exports.createServer (https.js:56:10) at ServerBuilder.build (../node_modules/frontail/lib/server_builder.js:18:22) at Object.<anonymous> (../node_modules/frontail/index.js:60:10) at Module._compile (module.js:460:26) at Object.Module._extensions..js (module.js:478:10) at Module.load (module.js:355:32) My certificates are not self-signed, but come from an authorized certificate provider. These are the key and certificate files as used by my Apache web server. Can these be inputs? I'm not sure how to deal with the password, unless that's my key passphrase. ``` SSLEngine on SSLCertificateFile <path>/ssl/certs/dev.crt SSLCertificateKeyFile <path>/ssl/certs/dev_private.key SSLCertificateChainFile <path>/ssl/certs/intermediate.crt ``` Thanks, Mike

kerem closed this issue

2026-03-03 16:03:47 +03:00

kerem commented

2026-03-03 16:03:47 +03:00

Author

Owner

@mthenw commented on GitHub (Feb 23, 2015):

Hi @mv5492,

could you try this or that?

@mthenw commented on GitHub (Feb 23, 2015): Hi @mv5492, could you try [this](http://stackoverflow.com/questions/9380403/what-does-ssl-ctx-use-privatekey-file-problems-getting-password-error-indica) or [that](http://stackoverflow.com/questions/18101217/error-102-nginx-ssl)?

kerem commented

2026-03-03 16:03:47 +03:00

Author

Owner

@mv5492 commented on GitHub (Feb 23, 2015):

Thank you. I saw this solution, but really wanted to keep my passphrase. This works great. I actually made a copy of the key and removed the passphrase from the copy. I guess after reading the solution what I was hoping for was a way to be prompted for the passphrase when frontail starts when using ssl. is that possible? Thank you.

@mv5492 commented on GitHub (Feb 23, 2015): Thank you. I saw this solution, but really wanted to keep my passphrase. This works great. I actually made a copy of the key and removed the passphrase from the copy. I guess after reading the solution what I was hoping for was a way to be prompted for the passphrase when frontail starts when using ssl. is that possible? Thank you.

kerem commented

2026-03-03 16:03:47 +03:00

Author

Owner

@mthenw commented on GitHub (Feb 23, 2015):

Yes, it is possible to ask user for passphrase when starting https. I've created separate issue for that but I not sure when I will have time to implement that. Probably next week.

@mthenw commented on GitHub (Feb 23, 2015): Yes, it is possible to ask user for passphrase when starting https. I've created separate issue for that but I not sure when I will have time to implement that. Probably next week.

kerem referenced this issue

2026-03-03 16:05:52 +03:00

[PR #23] [MERGED] Files as socket.io namespace #176