mirror of
https://github.com/Lissy93/web-check.git
synced 2024-11-22 16:23:56 +01:00
44 lines
1.4 KiB
JavaScript
44 lines
1.4 KiB
JavaScript
const tls = require('tls');
|
|
const middleware = require('./_common/middleware');
|
|
|
|
const fetchSiteCertificateHandler = async (urlString) => {
|
|
try {
|
|
const parsedUrl = new URL(urlString);
|
|
const options = {
|
|
host: parsedUrl.hostname,
|
|
port: parsedUrl.port || 443,
|
|
servername: parsedUrl.hostname,
|
|
rejectUnauthorized: false,
|
|
};
|
|
|
|
return new Promise((resolve, reject) => {
|
|
const socket = tls.connect(options, () => {
|
|
if (!socket.authorized) {
|
|
return reject(new Error(`SSL handshake not authorized. Reason: ${socket.authorizationError}`));
|
|
}
|
|
|
|
const cert = socket.getPeerCertificate();
|
|
if (!cert || Object.keys(cert).length === 0) {
|
|
return reject(new Error(`
|
|
No certificate presented by the server.\n
|
|
The server is possibly not using SNI (Server Name Indication) to identify itself, and you are connecting to a hostname-aliased IP address.
|
|
Or it may be due to an invalid SSL certificate, or an incomplete SSL handshake at the time the cert is being read.`));
|
|
}
|
|
|
|
const { raw, issuerCertificate, ...certWithoutRaw } = cert;
|
|
resolve(certWithoutRaw);
|
|
socket.end();
|
|
});
|
|
|
|
socket.on('error', (error) => {
|
|
reject(new Error(`Error fetching site certificate: ${error.message}`));
|
|
});
|
|
});
|
|
|
|
} catch (error) {
|
|
throw new Error(error.message);
|
|
}
|
|
};
|
|
|
|
exports.handler = middleware(fetchSiteCertificateHandler);
|