This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Reusing the HTTPS connection to backend with NodeJS

Posted on 04-03-2017 03:07 AM
karlapudiravi
New Member
Reply posted on --/--/---- --:-- AM

Hi All,

My usecase is to reuse the connection while calling the backend services over HTTPS (2-way SSL). I have deployed the API proxy in APIGEE On Premise 4.16.05.02.

1)I am able to connect to my backend services with the request module of NodeJS as below.

var options = {

key: fs.readFileSync('./sample.key'),

cert: fs.readFileSync('./sample.crt'),

uri: url,

hostname: 'hostname',

port: 443,

method: 'GET',

agent: false,

};

request(options,function(err,res, body){

if (err || !res) {

return callback();

}

callback(null, body);

});

I have passed the following HTTP headers in the incoming request, however I do not see any significance performance improvement.

<Header name="Connection">Keep-Alive</Header>

<Header name="Keep-Alive">timeout=60</Header>

2)I have modified the above code to include the keepalive (agent:keepAliveAgent) to make sure that the connection is alive.

var keepAliveAgent = new require('https').Agent({ keepAlive: true });

when i pass the keepAliveAgent created as above to agent parameter of the options variable, i am getting the following errors :

Error: javax.net.ssl.SSLException: Received fatal alert: handshake_failure

1) I tried deploying the API proxy in 4.16.09.00 and getting the below error message.

[Error: socket hang up] message: 'socket hang up', code: 'ECONNRESET'

2)How do I resolve the SSL Handshake failure/socket hangup issues when using HTTPS Agent?

3)Any other suggestion on implementation of my usecase?

1 3 3,042
Topic Labels
3 REPLIES 3

Posted on --/--/---- --:-- AM
jcwhitlock
Staff
Reply posted on --/--/---- --:-- AM

By default, the Node.js support in Edge has a blacklist such that if your Node.js application tries to access one of the following IP ranges, it is denied: `10.0.0.0/8,192.168.0.0/16,127.0.0.1/32` Chances are good that your Node.js application is attempting to access an internal resource whose IP is blacklisted by one of those IP ranges. If that is the case, you need to follow the How to Configure Edge documentation to change this to your liking. Here is the simple set of steps:

  1. Create the `{INST_DIR}/customer/message-processor.properties` file (Example: `/opt/apigee/customer/application/message-processor.properties`)
  2. Set the `conf_nodejs_connect.ranges.denied` property in the created file to be to your liking so that the IP address you're trying to access falls outside of one of the ranges
  3. Restart your MP(s)
0 Likes

Posted on --/--/---- --:-- AM
karlapudiravi
New Member
In response to jcwhitlock
Reply posted on --/--/---- --:-- AM

Hi @Jeremy Whitlock,

Looks like there is no issue with the IP blacklisting in the NodeJS properties, i am able to communicate to the backend without using the agent options (agent : false), but when i create and use new https agent i am facing issue.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

I was able to overcome some SSL issues by setting rejectUnauthorized attribute to false.

var req = https.request({ 
      host: 'YOUR_IP', 
      port: 443,
      path: '/',
      method: 'GET',
      rejectUnauthorized: false,
      requestCert: true,
      agent: false
    });

Hope it helps!

0 Likes