hillar/gist:7022867

## gistfile1.js
//wget http://sk.ee/upload/files/JUUR-SK.PEM.cer
//wget http://sk.ee/upload/files/EECCRCA.pem.cer
//wget http://sk.ee/upload/files/ESTEID-SK%202007.PEM.cer
//wget http://sk.ee/upload/files/ESTEID-SK%202011.pem.cer

var fs = require('fs'),
    http = require('http'),
    https = require('https'),
    express = require('express');

var port = 5678;

var options = {
    key: fs.readFileSync('server.key'),
    cert: fs.readFileSync('server.crt'),
    ca: [fs.readFileSync('JUUR-SK.PEM.cer'),fs.readFileSync('EECCRCA.pem.cer'),fs.readFileSync('ESTEID-SK 2007.PEM.cer'),fs.readFileSync('ESTEID-SK 2011.pem.cer'),],
    requestCert: true,
    rejectUnauthorized: false
};

var app = express();

var server = https.createServer(options, app).listen(port, function(){
  console.log("Express server listening on port " + port);
});

app.get('/', function(req, res) {
  var clientCertificate = req.connection.getPeerCertificate();
    var serial = 'None';
    var issuer = 'None'
    if (clientCertificate && clientCertificate.subject && clientCertificate.subject.serialNumber){
    	serial = clientCertificate.subject.serialNumber;
    }
    if (clientCertificate && clientCertificate.issuer){
    	issuer = clientCertificate.issuer;
    }
    req.client.authorized ?
        res.json({"status":"approved", "user":serial,"clientCertificate":clientCertificate}) :
        res.json({"status":"denied","error":req.client.authorizationError,"issuer":issuer}, 401);
});
	//wget http://sk.ee/upload/files/JUUR-SK.PEM.cer
	//wget http://sk.ee/upload/files/EECCRCA.pem.cer
	//wget http://sk.ee/upload/files/ESTEID-SK%202007.PEM.cer
	//wget http://sk.ee/upload/files/ESTEID-SK%202011.pem.cer

	var fs = require('fs'),
	http = require('http'),
	https = require('https'),
	express = require('express');

	var port = 5678;

	var options = {
	key: fs.readFileSync('server.key'),
	cert: fs.readFileSync('server.crt'),
	ca: [fs.readFileSync('JUUR-SK.PEM.cer'),fs.readFileSync('EECCRCA.pem.cer'),fs.readFileSync('ESTEID-SK 2007.PEM.cer'),fs.readFileSync('ESTEID-SK 2011.pem.cer'),],
	requestCert: true,
	rejectUnauthorized: false
	};

	var app = express();

	var server = https.createServer(options, app).listen(port, function(){
	console.log("Express server listening on port " + port);
	});

	app.get('/', function(req, res) {
	var clientCertificate = req.connection.getPeerCertificate();
	var serial = 'None';
	var issuer = 'None'
	if (clientCertificate && clientCertificate.subject && clientCertificate.subject.serialNumber){
	serial = clientCertificate.subject.serialNumber;
	}
	if (clientCertificate && clientCertificate.issuer){
	issuer = clientCertificate.issuer;
	}
	req.client.authorized ?
	res.json({"status":"approved", "user":serial,"clientCertificate":clientCertificate}) :
	res.json({"status":"denied","error":req.client.authorizationError,"issuer":issuer}, 401);
	});