节点的证书存储在哪里? [英] Where is node's certificate store?
问题描述
我正在使用自签名证书向服务器发出https请求(使用请求模块).如果我未指定strictSSL: false
作为选项,则会引发错误.
I am making an https request (using the request module) to a server with a self-signed cert. It throws an error if I don't specify strictSSL: false
as an option.
此证书已经在我的OS(OSX)上得到信任,因此Chrome从该服务器访问网页时不会引发错误.
This cert is already trusted on my OS (OSX), such that Chrome doesn't throw an error while accessing a webpage from that server.
我了解不同的应用程序/环境可能具有自己的证书存储. Firefox拥有自己的操作系统,例如,JVM通常位于$ JAVA_HOME/jre/lib/security/cacerts(在OSX上).
I understand different applications/environments may have their own certificate stores. Firefox has its own, and the JVM, for example, is usually at $JAVA_HOME/jre/lib/security/cacerts (on OSX).
我的问题是,节点在哪里寻找其受信任的CA?有这样的概念吗?我想在此处添加我的自签名证书以用于开发.
My question is, where does node look for its trusted CA's? Is there such a concept? I'd like to add my self-signed cert there for development purposes.
推荐答案
没有商店.您可以将ca
选项传递给https请求,以告诉它您信任哪些CA.
There is not a store. You can pass a ca
option to the https request to tell it what CAs you do trust.
从文档中:还可以指定tls.connect()中的以下选项.但是,globalAgent默默地忽略了这些.
From the docs: The following options from tls.connect() can also be specified. However, a globalAgent silently ignores these.
ca: An authority certificate or array of authority certificates to check the remote host against.
为了指定这些选项,请使用自定义Agent
.
In order to specify these options, use a custom Agent
.
var options = {
...
ca: CA or [array of CAs]
...
};
options.agent = new https.Agent(options);
var req = https.request(options, function(res) {
参考: http://nodejs.org/api/https.html#https_https_request_options_callback
这篇关于节点的证书存储在哪里?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!