Javascript nodejs - 证书链中的错误自签名证书
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/45088006/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
nodejs - error self signed certificate in certificate chain
提问by kDoyle
I am facing a problem with client side https requests.
我正面临客户端 https 请求的问题。
A snippet can look like this:
片段可能如下所示:
var fs = require('fs');
var https = require('https');
var options = {
hostname: 'someHostName.com',
port: 443,
path: '/path',
method: 'GET',
key: fs.readFileSync('key.key'),
cert: fs.readFileSync('certificate.crt')
}
var requestGet = https.request(options, function(res){
console.log('resObj', res);
}
What I get is Error: self signed certificate in certificate chain.
我得到的是错误:证书链中的自签名证书。
When I use Postman I can import the client certificate and key and use it without any problem. Is there any solution available?? I would also like to be given some lights on how postman handles the certificates and works.
当我使用 Postman 时,我可以导入客户端证书和密钥并毫无问题地使用它。有什么解决办法吗??我还想了解邮递员如何处理证书和工作。
回答by Peter Grainger
From your question I'm guessing you are doing this in development as you are using a self signed certificate for SSL communication.
根据您的问题,我猜您正在开发中这样做,因为您正在使用自签名证书进行 SSL 通信。
If that's the case, add NODE_TLS_REJECT_UNAUTHORIZED='0'as an environment variable wherever you are running node or running node directly with NODE_TLS_REJECT_UNAUTHORIZED='0' node app.js
如果是这种情况,NODE_TLS_REJECT_UNAUTHORIZED='0'请在运行 node 或直接运行 node 的任何地方添加为环境变量NODE_TLS_REJECT_UNAUTHORIZED='0' node app.js
This instructs Node to allow untrusted certificates (untrusted = not verified by a certificate authority)
这指示节点允许不受信任的证书(不受信任 = 未经证书颁发机构验证)
If you don't want to set an environment variable or need to do this for multiple applications npm has a configuration you can set using the command npm config set strict-ssl=false
如果您不想设置环境变量或需要为多个应用程序执行此操作 npm 有一个配置,您可以使用命令进行设置 npm config set strict-ssl=false
I would not recommend setting this environment variable in production. Use a free SSL cert from a trusted provider like letsencrypt.org
我不建议在生产中设置这个环境变量。使用来自诸如letsencrypt.org 等可信提供商的免费 SSL 证书
回答by Arsalan Ahmed Khan
You can write command npm config set strict-ssl=false
您可以编写命令npm config set strict-ssl=false
回答by Mukesh Kumar
You can fix this issue using NODE_TLS_REJECT_UNAUTHORIZED=0in the terminal or inserting the following line within the JS file.
您可以NODE_TLS_REJECT_UNAUTHORIZED=0在终端中使用或在 JS 文件中插入以下行来解决此问题。
process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = 0;
Beware that this a hack and it should not be used in production.
请注意,这是一种黑客行为,不应在生产中使用。
If you are using windows then run the following command in the command prompt:
如果您使用的是 Windows,则在命令提示符下运行以下命令:
set NODE_TLS_REJECT_UNAUTHORIZED=0
After that, npm install <my-package>will work.
之后,npm install <my-package>将工作。
回答by GGEv
you just add at the start of your code this line:
您只需在代码的开头添加这一行:
process.env.NODE_TLS_REJECT_UNAUTHORIZED='0'
And everything solved, but in any case it is not recommendable, I am investigating the solution of https://letsencrypt.org/
一切都解决了,但无论如何都不值得推荐,我正在研究解决方案 https://letsencrypt.org/
回答by nic ferrier
Turning off verification is quite a dangerous thing to do. Much better to verify the certificate.
关闭验证是一件非常危险的事情。验证证书要好得多。
You can pull the Certificate Authority certificate into the request with the cakey of the options object, like this:
您可以ca使用 options 对象的密钥将证书颁发机构证书拉入请求中,如下所示:
let opts = {
method: 'GET',
hostname: "localhost",
port: listener.address().port,
path: '/',
ca: await fs.promises.readFile("cacert.pem")
};
https.request(opts, (response) => { }).end();
I put a whole demo together of this so you can see how to construct SSL tests.
我将整个演示放在一起,以便您了解如何构建 SSL 测试。
It's here.
它在这里。
