{"id":38176268,"url":"https://github.com/teamforus/backoffice-example","last_synced_at":"2026-01-16T23:32:53.209Z","repository":{"id":40431246,"uuid":"359371258","full_name":"teamforus/backoffice-example","owner":"teamforus","description":"Example backoffice connection for testing / demo purposes","archived":false,"fork":false,"pushed_at":"2025-05-22T09:48:15.000Z","size":58,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-05-22T10:54:13.341Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/teamforus.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-04-19T07:41:23.000Z","updated_at":"2025-05-22T09:48:18.000Z","dependencies_parsed_at":"2025-05-22T10:52:06.430Z","dependency_job_id":null,"html_url":"https://github.com/teamforus/backoffice-example","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/teamforus/backoffice-example","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamforus%2Fbackoffice-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamforus%2Fbackoffice-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamforus%2Fbackoffice-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamforus%2Fbackoffice-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/teamforus","download_url":"https://codeload.github.com/teamforus/backoffice-example/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/teamforus%2Fbackoffice-example/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28487586,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T22:54:02.790Z","status":"ssl_error","status_checked_at":"2026-01-16T22:50:10.344Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-16T23:32:53.035Z","updated_at":"2026-01-16T23:32:53.186Z","avatar_url":"https://github.com/teamforus.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Guzzle/Nodejs mutual SSL demo\n### Setup and run the Server\n\nPlease generate and copy the certificates before running the server.   \nSee `Generate certificates and local development` section.\n\n```\ncd ./server\nnpm install\nnpm start\n```\n\n### Setup and run the Client\nPlease start the server before running this script.\n\n1) cd ./client\n2) run `composer install` \n3) Copy your certificates to directory `./certificates`\n4) Run the script `php ./index.php`\n\n### Server and certificates  \n\nThe default url of the api is `https://server.sponsor-api.com`,\nplease adjust this value in the script if you use another domain.\n\nThe domain name must match the domain name you used to generate the certificates.\n\n\n## Certificate files location.\n\n### Client\nYou need to have following `.pem` files in your `./certificates` directory.  \n`server-ca-crt.pem`, `client-crt.pem` and `client-key.pem`.\n\n### Server\nAlso, following `.pem` files in your `./certificates` directory.  \n`client-ca-crt.pem`, `server-crt.pem` and `server-key.pem`.\n\n\n# Certificates and local development\n\nAdd following line to `/etc/hosts` file.  \n```bash\n127.0.0.1 server.sponsor-api.com\n127.0.0.1 client.sponsor-api.com\n```\nFor current demo `client.sponsor-api.com` in hosts file is optional.\n\n## Automatically generate the certificate\nJust run the script:\n```bash\n./make-certificates-default.sh\n```\nIt will automatically generate all the certificates and put them into the right directory.  \nTo get more details please read the script it's fairly simple.\n\n## Manually generate the certificate\nCopied from this article with minor adjustments.  \nhttps://www.matteomattei.com/client-and-server-ssl-mutual-authentication-with-nodejs/\n\n### Generate server certificates\nWe are going to create a Certification Authority (CA) certificate for the server with 10 year validity and the related key.\n```bash\n$ openssl req -nodes -new -x509 -days 3650 -keyout server-ca-key.pem -out server-ca-crt.pem\nGenerating a RSA private key\n...........................................................................................+++++\n.......................................+++++\nwriting new private key to 'ca-key.pem'\nEnter PEM pass phrase:\nVerifying - Enter PEM pass phrase:\n-----\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter '.', the field will be left blank.\n-----\nCountry Name (2 letter code) [AU]:NL\nState or Province Name (full name) [Some-State]:Groningen\nLocality Name (eg, city) []:Groningen\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:Forus\nOrganizational Unit Name (eg, section) []:DevOps\nCommon Name (e.g. server FQDN or YOUR name) []:sponsor-api.com\nEmail Address []:info@sponsor-api.com\n```\n\nThe PEM pass phrase is optional.  \nThe other questions are not mandatory, but it’s better if you answer all.  \nThe most important question is the Common Name which should be the server main domain (sponsor-api.com).\n\n\nNow we generate the actual server certificate which will be used in the ssl handshake. \nFirst we have to generate a random key (4096 bit length in our example):\n```bash\n$ openssl genrsa -out server-key.pem 4096\nGenerating RSA private key, 4096 bit long modulus (2 primes)\n.........++++\n...................++++\ne is 65537 (0x010001)\n```\n\nThen generate a Certificate Signing Request (CSR) with the key we have generated:\n```bash\n$ openssl req -new -sha256 -key server-key.pem -out server-csr.pem\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter '.', the field will be left blank.\n-----\nCountry Name (2 letter code) [AU]:NL\nState or Province Name (full name) [Some-State]:Groningen\nLocality Name (eg, city) []:Groningen\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:Forus\nOrganizational Unit Name (eg, section) []:DevOps\nCommon Name (e.g. server FQDN or YOUR name) []:server.sponsor-api.com\nEmail Address []:info@sponsor-api.com\n\nPlease enter the following 'extra' attributes\nto be sent with your certificate request\nA challenge password []:\nAn optional company name []:\n```\nPay attention to the Common Name which must have the same name of the host will serve the application (server.sponsor-api.com).   \nAs final step, generate the server certificate (validity 10 year) from the CSR previously created and sign it with the CA key:\n\n```bash\n$ openssl x509 -req -days 3650 -in server-csr.pem -CA server-ca-crt.pem -CAkey server-ca-key.pem -CAcreateserial -out server-crt.pem\nSignature ok\nsubject=C = IT, ST = Florence, L = Campi Bisenzio, O = AAA Ltd, OU = DevOps, CN = server.sponsor-api.com, emailAddress = info@sponsor-api.com\nGetting CA Private Key\nEnter pass phrase for server-ca-key.pem:\n```\n\nThe password requested is the one inserted during CA key generation. To verify the certificate signature against the CA you can issue the following command:\n```bash\n$ openssl verify -CAfile server-ca-crt.pem server-crt.pem\nserver-crt.pem: OK\n```\n\n## Generate client certificates\nNow it’s time to do the same steps for the Client.  \nFirst create a Certification Authority (CA) certificate for the client with 10 year validity and the related key.\n```bash\n$ openssl req -nodes -new -x509 -days 3650 -keyout client-ca-key.pem -out client-ca-crt.pem\nGenerating a RSA private key\n..........................................................+++++\n.............................................+++++\nwriting new private key to 'client-ca-key.pem'\nEnter PEM pass phrase:\nVerifying - Enter PEM pass phrase:\n-----\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter '.', the field will be left blank.\n-----\nCountry Name (2 letter code) [AU]:NL\nState or Province Name (full name) [Some-State]:Groningen\nLocality Name (eg, city) []:Groningen\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:Forus\nOrganizational Unit Name (eg, section) []:DevOps\nCommon Name (e.g. server FQDN or YOUR name) []:sponsor-api.com\nEmail Address []:info@sponsor-api.com\n```\n\nThe PEM pass phrase is optional. \nThe other questions are not mandatory, but it’s better if you answer all. \nThe most important question is the Common Name which should be the client main domain (sponsor-api.com).\n\nNow we generate the actual client certificate which will be used in the ssl handshake.   \nFirst we have to generate a random key (4096 bit length in our example):\n\n```bash\n$ openssl genrsa -out client-key.pem 4096\nGenerating RSA private key, 4096 bit long modulus (2 primes)\n..............++++\n........................................................................................++++\ne is 65537 (0x010001)\n```\n\nThen generate a Certificate Signing Request (CSR) with the key we have generated:\n\n```bash\n$ openssl req -new -sha256 -key client-key.pem -out client-csr.pem\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter '.', the field will be left blank.\n-----\nCountry Name (2 letter code) [AU]:NL\nState or Province Name (full name) [Some-State]:Groningen\nLocality Name (eg, city) []:Groningen\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:Forus\nOrganizational Unit Name (eg, section) []:DevOps\nCommon Name (e.g. server FQDN or YOUR name) []:client.sponsor-api.com\nEmail Address []:info@sponsor-api.com\n\nPlease enter the following 'extra' attributes\nto be sent with your certificate request\nA challenge password []:\nAn optional company name []:\n```\n\nPay attention to the Common Name which must have the same name of the host will serve the application (client.sponsor-api.com). As final step, generate the client certificate (validity 10 year) from the CSR previously created and sign it with the CA key:\n\n```bash\n$ openssl x509 -req -days 3650 -in client-csr.pem -CA client-ca-crt.pem -CAkey client-ca-key.pem -CAcreateserial -out client-crt.pem\nSignature ok\nsubject=C = IT, ST = Groningen, L = Groningen, O = BBB Ltd, CN = client.sponsor-api.com, emailAddress = info@sponsor-api.com\nGetting CA Private Key\nEnter pass phrase for client-ca-key.pem:\n```\n\nThe password requested is the one inserted during CA key generation.  \nTo verify the certificate signature against the CA you can issue the following command:\n\n```bash\n$ openssl verify -CAfile client-ca-crt.pem client-crt.pem\nclient-crt.pem: OK\n```\n\nNow we have all the client certificates we need!\n\n```bash\n-rw-rw-r--  1 user user 1350 dic 26 17:59 client-ca-crt.pem\n-rw-rw-r--  1 user user   41 dic 26 18:06 client-ca-crt.srl\n-rw-------  1 user user 1854 dic 26 17:58 client-ca-key.pem\n-rw-rw-r--  1 user user 1586 dic 26 18:06 client-crt.pem\n-rw-rw-r--  1 user user 1712 dic 26 18:04 client-csr.pem\n-rw-------  1 user user 3243 dic 26 18:03 client-key.pem\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fteamforus%2Fbackoffice-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fteamforus%2Fbackoffice-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fteamforus%2Fbackoffice-example/lists"}