堆栈内存溢出
  简体   繁体   English

节点JS REST调用错误:证书链中的自签名证书

[英]Node JS REST call Error: self signed certificate in certificate chain

 原文  2017-06-21 17:31:15       node.js/ rest/ npm/ ssl-certificate

问题描述

I am trying to call secure REST service of other application. 我正在尝试调用其他应用程序的安全REST服务。 Also providing client certificate, but getting error as below: 还提供了客户端证书,但出现以下错误: 

        request function
        Response:  IncomingMessage {
          _readableState: 
           ReadableState {
             objectMode: false,
             highWaterMark: 16384,
             buffer: BufferList { head: null, tail: null, length: 0 },
             length: 0,
        .........
        authorized: false,
             **authorizationError: 'SELF_SIGNED_CERT_IN_CHAIN',**
             encrypted: true,
    ..........

I tried to test it with rest client using postman and getting the response. 我尝试使用邮递员与其余客户进行测试,并获得响应。 But not working through above Node JS program/ code. 但是无法通过上述Node JS程序/代码工作。 So as per my understanding this is happening due to SSL-intercepting proxy; 因此,据我了解,这是由于SSL拦截代理引起的; npm detects this and complains. npm检测到这一点并抱怨。

I have implemented the Rest client in the Node JS application with POST method to consume the REST service is as below. 我已经使用POST方法在Node JS应用程序中实现了Rest客户端,以使用REST服务,如下所示。 

    var https = require('https');
    var fs = require('fs');'

    process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

    var options = {
    host: '<HOSTNAME>',
    port: '<PORT>',
    path: '<PATH>',
    method: 'POST',
    headers: {
    'Content-Type': 'application/json',
    'Accept': 'application/json',
    'Authorization': '',
    },
    ca: [ fs.readFileSync('<.jks file/ certificate name>') ],
    checkServerIdentity: function (host, cert) {
        },
     rejectUnauthorized:false,
    body: ''
    };

    var req = https.request(options, function(res) {
    console.log('request function')
    console.log("Response: ", res);
    res.on('data', function(d) {
    '' +
    '?' });
    });

    req.end();

    req.on('error', function(e) {
    console.error(e);
    });

I tried other solutions like "npm config set strict-ssl false" command but could not work. 我尝试了其他解决方案,例如“ npm config set strict-ssl false”命令,但无法正常工作。

I also tried with rejectUnauthorized:false and process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0" as you can see in my code but nothing is working so far. 我还尝试了rejectUnauthorized:false和process.env.NODE_TLS_REJECT_UNAUTHORIZED =“ 0”,正如您在我的代码中看到的那样,但到目前为止没有任何效果。 

Few required entries in .npmrc file are as below:
registry=https://registry.npmjs.org/
strict-ssl=false
cafile= <certificate path>

I tried all the possibilities but getting error as mentioned, please suggest if I missed anything or need to update anything. 我尝试了所有可能性,但遇到了如上所述的错误,请提出建议,如果我错过了任何事情或需要更新任何内容。 Thank you. 谢谢。

1 个解决方案

解决方案1
 0  2017-06-22 21:35:44

我发现的一种解决方案是我可以忽略使用Node JS的主机名检查以使用Rest服务,但是无法找到如何使用上述Node JS代码忽略主机名。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 node.js elasticsearch 证书链中的自签名证书 - node.js elasticsearch self signed certificate in certificate chain 证书链中的自签名证书将node.js SDK用于Watson Assistant时出错 - Self signed certificate in certificate chain Error while using node.js SDK for watson assistant nodejs - 证书链中的错误自签名证书 - nodejs - error self signed certificate in certificate chain 证书链中的nodemailer错误自签名证书 - nodemailer error self signed certificate in certificate chain 错误:Node.js证书链中的自签名证书 - Error: self signed certificate in certificate chain in nodejs 邮件中证书链错误中的自签名证书 - self signed certificate in certificate chain error in mail nodemailer错误:证书链中的自签名证书 - nodemailer error: self signed certificate in certificate chain 证书链中的自签名证书 - Self signed certificate in certificate chain 无法使用 Kubernetes 上的 Node.Js 连接到 Elasticsearch(证书链中的自签名证书) - Can't connect to Elasticsearch with Node.Js on Kubernetes (self signed certificate in certificate chain) ionic 3 / node.js - 证书链中的自签名证书(如何禁用strict-ssl?) - ionic 3 / node.js - Self signed certificate in certificate chain (how to disable strict-ssl?)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM