Using Node to call SOAP Web Service over https

Question

I am trying to use node-soap https://github.com/vpulim/node-soap to call a web service but I am having trouble using the module with https.

In the code below I am using http and I can see the functions and log a describe() of the About function. (Responses are empty, probably because the WS is setup like that when using http(?))

var soap = require('soap');
var url = "http://XXXXX/service.svc?DocArchiveService/DocArchiveV201409";
var auth = "Basic " + new Buffer("USERXXX" + ":" + "PWYYY").toString("base64");

var args = {};

soap.createClient(url, { wsdl_headers: {Authorization: auth} }, function(err, client) {

    console.log(client.describe().DocArchiveV201409.DocArchiveV201409Soap.About);

    client.DocArchiveV201409.DocArchiveV201409Soap.About(args, function(err, result){
        if (err) throw err;
        console.log(result);
    });
});

Output:

{ input: {}, output: { AboutResult: 's:string' } }

Error message (this is fine since the response will be empty anyway):

Error: Cannot parse response at finish (E:\Qlikview\SourceDocuments\UnderDevelopment\Node\node_modules\so ap\lib\client.js:383:19)

My problem is that when using https I get an undefined client.

E:\Qlikview\SourceDocuments\UnderDevelopment\Node\Soap.js:23 console.log(client); ^ ReferenceError: client is not defined at Object.anonymous (E:\Qlikview\SourceDocuments\UnderDevelopment\Node\Soa p.js:23:13)

Have anyone used node-soap with https?

edit: As the result below suggests I need to have the certificate first. I have tried using SoapUI without the cert and that works fine. Maybe there is some parameters to createClient I can use in node-soap?

console.log(err) returns:

{ Error: unable to get local issuer certificate
    at Error (native)
    at TLSSocket.<anonymous> (_tls_wrap.js:1079:38)
    at emitNone (events.js:86:13)
    at TLSSocket.emit (events.js:185:7)
    at TLSSocket._finishInit (_tls_wrap.js:603:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:433:38) code: 'UNABLE_TO_GET_IS
SUER_CERT_LOCALLY' }

Answer 1

As cleared from tls specific error, you aren't able to create soap client by invoking soap.createClient. It is returning err and undefined client, that's why subsequent calls are failing.

The main reason behind the certificate issue can be either soap server certificates are signed by internal CA or soap server is using self-signed certificate.

Possible solutions that can be used to tackle the issue are

1. [ Not recommended ] Ignore certificate specific warnings by disabling SSL check at request time. e.g.

   var request = require('request');
   var specialRequest = request.defaults({
      strictSSL: false
   });
   

2. [ Recommended ] Provide root/intermediate certificates of CA to verify the remote certificates.

   var request = require('request');
   var specialRequest = request.defaults({
      agentOptions: {
         ca: fs.readFileSync('ca.cert.pem') //path of CA cert file
      }
   );
   

For both solutions, pass this specialRequest to createClient.

    soap.createClient(url, { 
        wsdl_headers: {Authorization: auth},
        request : specialRequest
    }, function(err, client) {
        //your code
    });

I just went through the documentation and came up with the solution. It may or may not work, but worth trying logically. I couldn't test above-mentioned solutions, but it should work.

Hope it helps you.

Answer 2

For recommended solution - Provide root/intermediate certificates of CA to verify the remote certificates, try this-

var request = require('request'); 
var specialRequest = request.defaults({ ca: fs.readFileSync('ca.cert.pem') //path of CA cert file );

var auth = "Basic " + new Buffer.from("myUsername:myPassword").toString("base64"); 
var options = { wsdl_headers: { Authorization: auth }, request: specialRequest };

soap.createClient(url, options, function (err, client) {
    client.myFunction(args, function (err, result) { 
        console.log(result);
    });
});