堆栈内存溢出
  简体   繁体   English

Node.JS Error- process.env.NODE_TLS_REJECT_UNAUTHORIZED。这是什么意思?

[英]Node.JS Error- process.env.NODE_TLS_REJECT_UNAUTHORIZED. What does this mean?

 原文  2016-02-25 17:10:31       javascript/ node.js/ ssl/ server/ certificate

问题描述

I am new to back-end development. 我是后端开发的新手。 And I am really enjoying writing code in node. 我真的很高兴在节点中编写代码。 However, there are few things I just can't seem to grasp. 但是,我似乎无法掌握的东西很少。 I kept getting the following error: 我一直收到以下错误:

Error: DEPTH_ZERO_SELF_SIGNED_CERT 错误:DEPTH_ZERO_SELF_SIGNED_CERT

I fixed it by implementing the following code: 我通过实现以下代码修复它: 

if ('development' == app.get('env')) {
    console.log("Rejecting node tls");
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
}

I understand we are setting an environment. 我知道我们正在创造一个环境。 But, what does this mean in a plain language? 但是,这用简单的语言意味着什么呢? I don't know how to explain it to someone else. 我不知道如何向其他人解释。 There is a lot onof info, how to fix it, but I can't find anything on what does this actually mean . 有很多onof信息,如何解决它,但我找不到任何关于这实际意味着什么。

Can someone explain? 谁能解释一下?

1 个解决方案

解决方案1
 22 已采纳  2016-02-25 17:18:13

Node is complaining because the TLS (SSL) certificate it's been given is self-signed (ie it has no parent - a depth of 0). 节点抱怨,因为它给出的TLS(SSL)证书是自签名的(即它没有父亲 - 深度为0)。 It expects to find a certificate signed by another certificate that is installed in your OS as a trusted root. 它希望找到由您的操作系统中安装的另一个证书签名的证书作为受信任的根。

Your "fix" is to disable Node from rejecting self-signed certificates by allowing ANY unauthorised certificate. 您的“修复”是禁止Node通过允许任何未经授权的证书拒绝自签名证书。

Your fix is insecure and shouldn't really be done at all, but is often done in development (it should never be done in production). 你的修复是不安全的,根本不应该完成,但通常在开发中完成(它永远不应该在生产中完成)。

The proper solution should be to put the self-signed certificate in your trusted root store OR to get a proper certificate signed by an existing Certificate Authority (which is already trusted by your server). 正确的解决方案应该是将自签名证书放入受信任的根存储中,或者获取由现有证书颁发机构(服务器已经信任)签署的正确证书。

As an additional point your logging should thus read "Disabling Node's rejection of invalid/unauthorised certificates" 另外一点,您的日志记录应该是“禁用节点拒绝无效/未授权的证书”

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在heroku中,node.js中的错误状态413是什么意思? - what does error status 413 in node.js, heroku mean? (** variable)在node.js中是什么意思? - what does (**variable) mean in node.js? 需要在node.js中使用process.env吗? - require process.env in node.js? Node.js REPL中的“_”(下划线)符号是什么意思? - What does the “_” (underscore) symbol in Node.js REPL mean? node.js控制台中的“ undefined”是什么意思? - What does the `undefined` mean in node.js console? node.js 依赖列表中的“^”是什么意思? - What does “^” mean in node.js dependency list? Electron将Node.js和Chromium上下文结合起来意味着什么? - What does it mean for Electron to combine Node.js and Chromium contexts? response.on 是什么意思? 节点.js - What does response.on mean? Node.js Javascript(或者是node.js)。 这个表达是什么意思? - Javascript (or is it node.js) . what does this expression mean? Node.js 的“require”中的波浪号 (~) 是什么意思? - What does the tilde (~) mean in Node.js's "require"?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM