NodeJS HTTPS Server


I would like to create an https server with NodeJS, with the full (strict) ssl option.

My server is heberged via AWS, and I want this instance’s url unable to get request outside Cloudflare.
I would like that the only way to access to my website is from my domain, proxysed via Cloudflare.

const https = require('https');
const fs = require('fs');

const options = {
    key: fs.readFileSync('sslcert/key-serveur-origine.key'),
    cert: fs.readFileSync('sslcert/cert-serveur-origine.crt'),
    ca: fs.readFileSync('sslcert/ca-crt.crt'),
    requestCert: true,
    rejectUnauthorized: true

https.createServer(options, (req, res) => {

This a simple https server I created, but when I start it, my instance’s url returns an error (what I want), but via Cloudflare it returns a 525 SSL handshake failed.

Can you help me to solve my problem ?


And if rejectUnauthorized is false it works?

Are you using the default certificate or did you upload a custom one? From where did you get sslcert/ca-crt.crt? Did you enable client certificate authentication on Cloudflare’s side?

If rejectUnauthorized is false, my instance’s url is reachable, and my domain proxysed via Cloudflare works. But I don’t want my instance’s url being reachable.

key-serveur-origine.key and cert-serveur-origine.crt are certificates generated from my Origin CA panel on Cloudflare.

ca-crt.crt is the Cloudflare Origin ECC PEM certificate.

I didn’t enable client authentification on Cloudflare side.


That is necessary. By default Cloudflare does not include the client certificate. That’s why the error.

You need the certificate from not the Origin root certificate.

Thanks a lot ! My problem was the Origin root certificate.

I wasn’t using the good one.

The client authentication wasn’t needed

Thanks for your time

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.