My Dev. Notes
It is about the problem I faced and solution. (It is pretty randomly order)
- In nodejs, I make remote https call and fail. The ops gave me a pem file with both cert & key in the same file. I put that in the options.cert with passphrase. It didn't work. We looked at the TCL TLS log and found the handshake fail with missing "Certificate Verify". At the same time, command line CURL or PHP CURL both worked. What could it be?
At last, we find out, although both cert & key in the same file, and we define in options.cert. That's not enough for node.js. We have to specify options.key pointing to the same file Or else, we have to split into cert and key files. - Becareful when using Upstart to start Node. In Ubuntu, we set the ulimit to 90000. However, in production, it doesn't seem like it is running with that limit. There was Fatal error that seems to caused by running out of memory which probably deal to too many socket failure. At last, we find out, 1) Ubuntu ignore the ulimit config file. 2) Upstart also overwrite whatever in ulimit by its default, which is 1024 open file. What can we do?
The solution is to rewrite the upstart script. and add this: limit nofile 10000 10000 is the trick