nodejs - 证书链中的错误自签名证书 [英] nodejs - error self signed certificate in certificate chain

查看：57 发布时间：2021/12/13 14:31:49 javascript node.js authentication ssl https

本文介绍了nodejs - 证书链中的错误自签名证书的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我遇到了客户端 https 请求的问题.

I am facing a problem with client side https requests.

一个片段可以是这样的:

A snippet can look like this:

var fs = require('fs');
var https = require('https');

var options = {
    hostname: 'someHostName.com',
    port: 443,
    path: '/path',
    method: 'GET',
    key: fs.readFileSync('key.key'),
    cert: fs.readFileSync('certificate.crt')
}

var requestGet = https.request(options, function(res){
    console.log('resObj', res);
}

我得到的是错误:证书链中的自签名证书.

What I get is Error: self signed certificate in certificate chain.

当我使用 Postman 时，我可以导入客户端证书和密钥并毫无问题地使用它.有什么解决办法吗??我还想了解邮递员如何处理证书和工作.

When I use Postman I can import the client certificate and key and use it without any problem. Is there any solution available?? I would also like to be given some lights on how postman handles the certificates and works.

选项 1:禁用警告(对开发人员有用)

根据您的问题，我猜您正在开发中这样做，因为您使用自签名证书进行 SSL 通信.

Option 1: Disable the warning (useful for dev)

From your question I'm guessing you are doing this in development as you are using a self signed certificate for SSL communication.

如果是这种情况，请在运行 node 的任何地方添加为环境变量

If that's the case, add as an environment variable wherever you are running node

export NODE_TLS_REJECT_UNAUTHORIZED='0'
node app.js

或者直接用

NODE_TLS_REJECT_UNAUTHORIZED='0' node app.js

这会指示 Node 允许不受信任的证书(不受信任 = 未经证书颁发机构验证)

This instructs Node to allow untrusted certificates (untrusted = not verified by a certificate authority)

如果您不想设置环境变量或需要为多个应用程序执行此操作，npm 有一个 strict-ssl 配置，您可以将其设置为 false

If you don't want to set an environment variable or need to do this for multiple applications npm has a strict-ssl config you set to false

npm config set strict-ssl=false

选项 2:加载 CA 证书，如邮递员(用于 TLS 测试)

如果您已经像@kDoyle 提到的海报一样拥有 CA 证书，那么您可以在每个请求中进行配置(感谢@nic ferrier).

Option 2: Load in CA cert, like postman (useful for testing with TLS)

If you have a CA cert already like the poster @kDoyle mentioned then you can configure in each request (thanks @nic ferrier).

 let opts = {
    method: 'GET',
    hostname: "localhost",
    port: listener.address().port,
    path: '/',
    ca: fs.readFileSync("cacert.pem")
  };

  https.request(opts, (response) => { }).end();

选项 3:使用来自可信来源的正确 SSL 证书(对生产有用)

letsencrypt.org 是免费的，易于设置并且密钥可以自动轮换.https://letsencrypt.org/docs/

这篇关于nodejs - 证书链中的错误自签名证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

nodejs - 证书链中的错误自签名证书 [英] nodejs - error self signed certificate in certificate chain

问题描述

推荐答案

选项 1:禁用警告(对开发人员有用)

Option 1: Disable the warning (useful for dev)

选项 2:加载 CA 证书，如邮递员(用于 TLS 测试)

Option 2: Load in CA cert, like postman (useful for testing with TLS)

选项 3:使用来自可信来源的正确 SSL 证书(对生产有用)

相关文章

前端开发最新文章

热门教程

热门工具

登录关闭

nodejs - 证书链中的错误自签名证书 [英] nodejs - error self signed certificate in certificate chain

问题描述

推荐答案

选项 1:禁用警告(对开发人员有用)

Option 1: Disable the warning (useful for dev)

选项 2:加载 CA 证书，如邮递员(用于 TLS 测试)

Option 2: Load in CA cert, like postman (useful for testing with TLS)

选项 3:使用来自可信来源的正确 SSL 证书(对生产有用)

相关文章

前端开发最新文章

热门教程

热门工具

登录 关闭

登录关闭