Javascript Node.JS Error - process.env.NODE_TLS_REJECT_UNAUTHORIZED. What does this mean?

Notice: this page is a Chinese-English parallel translation of a popular StackOverFlow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverFlow original URL: http://stackoverflow.com/questions/35633829/

Time: 2020-08-23 18:02:49  Source: igfitidea

javascript node.js ssl server certificate

Asked by Mihir Patel

I am new to back-end development. And I am really enjoying writing code in node. However, there are a few things I just can't seem to grasp. I kept getting the following error:

Error: DEPTH_ZERO_SELF_SIGNED_CERT

I fixed it by implementing the following code:

if ('development' == app.get('env')) {
    console.log("Rejecting node tls");
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
}

I understand we are setting an environment. But what does this mean in plain language? I don't know how to explain it to someone else. There is a lot of info on how to fix it, but I can't find anything on what this actually means.

Can someone explain?

Answered by Philip Whitehouse

Node is complaining because the TLS (SSL) certificate it's been given is self-signed (i.e. it has no parent - a depth of 0). It expects to find a certificate signed by another certificate that is installed in your OS as a trusted root.

Your "fix" is to disable Node from rejecting self-signed certificates by allowing ANY unauthorised certificate.

Your fix is insecure and shouldn't really be done at all, but is often done in development (it should never be done in production).

The proper solution should be to put the self-signed certificate in your trusted root store OR to get a proper certificate signed by an existing Certificate Authority (which is already trusted by your server).

As an additional point your logging should thus read "Disabling Node's rejection of invalid/unauthorised certificates"

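
The answer's first option (trust the self-signed certificate instead of switching verification off), as an added example that is not part of the original question or answer. The function names, the DEV_CA_FILE variable and the localhost URL in the usage comment are hypothetical.

```javascript
// Added example, not code from the question or the answer.
const https = require('https');
const tls = require('tls');

// Node skips certificate verification for every TLS client connection in the
// process when this variable is exactly the string '0'.
function verificationDisabled(env = process.env) {
  return env.NODE_TLS_REJECT_UNAUTHORIZED === '0';
}

// Fail closed: only an explicit NODE_ENV=development may run with verification
// off. Express's app.get('env') falls back to 'development' when NODE_ENV is
// unset, so the check in the question also fires on a host that never set it.
function assertVerificationAllowed(env = process.env) {
  if (verificationDisabled(env) && env.NODE_ENV !== 'development') {
    throw new Error('NODE_TLS_REJECT_UNAUTHORIZED=0 outside development');
  }
}

// Options that trust one extra certificate (the self-signed one) only for the
// requests that use them. Passing `ca` replaces Node's bundled roots, so they
// are re-added here; verification itself stays on.
function trustOptions(extraCaPem) {
  const pemShape = /-----BEGIN CERTIFICATE-----[\s\S]+-----END CERTIFICATE-----/;
  if (typeof extraCaPem !== 'string' || !pemShape.test(extraCaPem)) {
    throw new TypeError('expected a PEM-encoded certificate');
  }
  return { ca: [...tls.rootCertificates, extraCaPem], rejectUnauthorized: true };
}

// Agent for calls to the self-signed service; other connections are unaffected.
function agentFor(extraCaPem) {
  return new https.Agent(trustOptions(extraCaPem));
}

// Usage (hypothetical file variable and URL):
//   assertVerificationAllowed();
//   const pem = require('fs').readFileSync(process.env.DEV_CA_FILE, 'utf8');
//   https.get('https://localhost:8443/', { agent: agentFor(pem) }, (res) => {});
```

Node also reads the NODE_EXTRA_CA_CERTS environment variable at startup, which adds the certificates in the named PEM file to the trusted roots for the whole process without any code change.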