节点的证书存储在哪里? [英] Where is node's certificate store?

问题描述

我正在使用自签名证书向服务器发出https请求(使用请求模块).如果我未指定strictSSL: false作为选项，则会引发错误.

I am making an https request (using the request module) to a server with a self-signed cert. It throws an error if I don't specify strictSSL: false as an option.

此证书已经在我的OS(OSX)上得到信任，因此Chrome从该服务器访问网页时不会引发错误.

This cert is already trusted on my OS (OSX), such that Chrome doesn't throw an error while accessing a webpage from that server.

我了解不同的应用程序/环境可能具有自己的证书存储. Firefox拥有自己的操作系统，例如，JVM通常位于$ JAVA_HOME/jre/lib/security/cacerts(在OSX上).

I understand different applications/environments may have their own certificate stores. Firefox has its own, and the JVM, for example, is usually at $JAVA_HOME/jre/lib/security/cacerts (on OSX).

我的问题是，节点在哪里寻找其受信任的CA?有这样的概念吗?我想在此处添加我的自签名证书以用于开发.

My question is, where does node look for its trusted CA's? Is there such a concept? I'd like to add my self-signed cert there for development purposes.

推荐答案

没有商店.您可以将ca选项传递给https请求，以告诉它您信任哪些CA.

There is not a store. You can pass a ca option to the https request to tell it what CAs you do trust.

从文档中:还可以指定tls.connect()中的以下选项.但是，globalAgent默默地忽略了这些.

From the docs: The following options from tls.connect() can also be specified. However, a globalAgent silently ignores these.

ca: An authority certificate or array of authority certificates to check the remote host against.

为了指定这些选项，请使用自定义Agent.

In order to specify these options, use a custom Agent.

var options = {
  ...
  ca: CA or [array of CAs]
  ...
};

options.agent = new https.Agent(options);

var req = https.request(options, function(res) {

参考: http://nodejs.org/api/https.html#https_https_request_options_callback

这篇关于节点的证书存储在哪里?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！