Js https PEM error: outines: PEM_read_bio: no start line Node.js https PEM error: 例程: PEM_read_bio: 没有起始行

If you are using windows, you should make sure that the certificate file csr.pem and key.pem don't have unix-style line endings. Openssl will generate the key files with unix style line endings. You can convert these files to dos format using a utility like unix2dos or a text editor like notepad++

You are probably using the wrong certificate file, what you need to do is generate a self signed certificate which can be done as follows

openssl req -newkey rsa:2048 -new -nodes -keyout key.pem -out csr.pem
openssl x509 -req -days 365 -in csr.pem -signkey key.pem -out server.crt

then use the server.crt

   var options = {
key: fs.readFileSync('./key.pem', 'utf8'),
cert: fs.readFileSync('./server.crt', 'utf8')
};

Generate the private key and server certificate with specific expiry date or with infinite(XXX) expiry time and self sign it.

$ openssl req -x509 -sha256 -newkey rsa:2048 -keyout key.pem -out cert.pem -days XXX

$ Enter a private key passphrase...`

Then it will work!

If you log the

var options = {
key: fs.readFileSync('./key.pem', 'utf8'),
cert: fs.readFileSync('./csr.pem', 'utf8')
};

You might notice there are invalid characters due to improper encoding.

Was facing the same problem In my case I changed the option parameter of cert to pfx & removed utf8 encoding.

before:

var options = {
hostname : 'localhost',
path : '/',
method : 'POST',
cert: fs.readFileSync(testCert, 'utf8'),
passphrase:passphrase,
agent:false,
rejectUnauthorized:false
};

after:

var options = {
hostname : 'localhost',
path : '/',
method : 'POST',
pfx: fs.readFileSync(testCert),
passphrase:passphrase,
agent:false,
rejectUnauthorized:false
};

I guess this is because your nodejs cert has expired. Type this line :
npm set registry http://registry.npmjs.org/
and after that try again with npm install . This actually solved my problem.

I removed this error by write the following code

Open Terminal

1. openssl req -newkey rsa:2048 -new -nodes -keyout key.pem -out csr.pem

2. openssl x509 -req -days 365 -in csr.pem -signkey key.pem -out server.crt

Now use the server.crt and key.pem file

app.js or server.js file

var https = require('https');
var https_options = {
key: fs.readFileSync('key.pem', 'utf8'),
cert: fs.readFileSync('server.crt', 'utf8')
};


var server = https.createServer(https_options, app).listen(PORT);
console.log('HTTPS Server listening on %s:%s', HOST, PORT);

It works but the certificate is not trusted. You can view the image in image file.

I actually just had this same error message.

The problem was I had key and cert files swapped in the configuration object.

For me the issues was I had the key and cert swapped.

var options = {
key: fs.readFileSync('/etc/letsencrypt/live/mysite.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/mysite.com/fullchain.pem'),
ca: fs.readFileSync('/etc/letsencrypt/live/mysite.com/chain.pem')
};

EDIT

More Complete Example (Maybe not completely functional)

Server.js

    var fs = require('fs');


var sessionKey = 'ai_session:';
var memcachedAuth = require('memcached-auth');


var clients = {};
var users = {};


var options = {
key: fs.readFileSync('/etc/letsencrypt/live/somesite.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/somesite.com/fullchain.pem'),
ca: fs.readFileSync('/etc/letsencrypt/live/somesite.com/chain.pem')
};


var origins = 'https://www.somesite.com:*';
var https = require('https').createServer(options,function(req,res){


// Set CORS headers
res.setHeader('Access-Control-Allow-Origin', origins);
res.setHeader('Access-Control-Request-Method', '*');
res.setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET');
res.setHeader('Access-Control-Allow-Headers', '*');


});


var io = require('socket.io')(https);
https.listen(3000);


io.sockets.on('connection', function(socket){


socket.on('auth', function(data){


var session_id = sessionKey+data.token;
memcachedAuth.is_logged_in(session_id).then( (response) => {


if(response.is_logged_in){


// user is logged in
socket.emit('is_logged_in', true);


messenger.addUser(socket);


// dynamic room
socket.on('room', function(room){
socket.join(room);
console.log('joing room '+room);
});


socket.on('message', function(data){
messenger.receive(data.message_data);
});
}else{
// Not logged in
socket.emit('is_logged_in', false);
}
}).catch( (error) => {
console.log(error);
});


});




});




var messenger = {
socket: (socket)=>{
return socket;
},
subscribe: (room)=>{


},
unsubscribe: (room)=>{


},
send: (data)=>{


},
receive: (data)=>{
console.log(data);
//connected
if (clients[data.user_name]){
console.log('user');
}
},
addUser: (socket)=>{
socket.on('add-user', function(data){
clients[data] = {
"socket": socket.id
};
console.log('Adding User:' + data);
console.log(clients);
});
},
private: (socket)=>{
// Not working yet...
socket.on('message', function(data){


console.log("Sending: " + data + " to " + data.user_name);


if (clients[data.user_name]){
io.sockets.connected[clients[data.user_name].socket].emit("response", data);
} else {
console.log("User does not exist: " + data.user_name);
}
});
},
disconnect:()=>{
//Removing the socket on disconnect
socket.on('disconnect', function() {
for(var name in clients) {
if(clients[name].socket === socket.id) {
delete clients[name];
break;
}
}
});
}
}

I have created a repo on github including a more complete version of the above code if anyone is interested: https://github.com/snowballrandom/Memcached-Auth

Corrupted cert and/or key files

For me it was just corrupted files. I copied the contents from GitHub PullRequest webpage and I guess I added an extra space somewhere or whatever... once I grabbed the raw thing and replaced the file, it worked.

For me, after trying all above solutions it ended up being a problem related to encoding. Concisely, my key was encoded using 'UTF-8 with BOM'. It should be UTF-8 instead.

To fix it, at least using VS Code follow this steps:

1. Open the file and click on the encoding button at the status bar (at the bottom) and select 'Save with encoding'.
2. Select UTF-8.
3. Then try using the certificate again.

I suppose you can use other editors that support saving with the proper encoding.

Source: error:0906d06c:pem routines:pem_read_bio:no start line, when importing godaddy SSL certificate

P.D I did not need to set the encoding to utf-8 option when loading the file using the fs.readFileSync function.

Hope this helps somebody!

I faced with the problem like this.

The problem was that I added the public key without '-----BEGIN PUBLIC KEY-----' at the beginning and without '-----END PUBLIC KEY-----'.

So it causes the error.

Initially, my public key was like this:

-----BEGIN PUBLIC KEY-----
WnsbGUXbb0GbJSCwCBAhrzT0s2KMRyqqS7QBiIG7t3H2Qtmde6UoUIcTTPJgv71
......
oNLcaK2wKKyRdcROK7ZTSCSMsJpAFOY
-----END PUBLIC KEY-----

But I used just this part:

WnsbGUXb+b0GbJSCwCBAhrzT0s2KMRyqqS7QBiIG7t3H2Qtmde6UoUIcTTPJgv71
......
oNLcaK2w+KKyRdcROK7ZTSCSMsJpAFOY

For me, the solution was to replace \\n (getting formatted into the key in a weird way) in place of \n

Replace your key: <private or public key> with key: (<private or public key>).replace(new RegExp("\\\\n", "\g"), "\n")