如何在 node.js 中禁用 SSL 验证
[英]How to disable SSL verification in node.js
问题描述
如何使用node.js禁用客户端 SSL 验证?
1 个解决方案
解决方案1
1 2021-10-16 13:49:59
Using a node.js client library as node-fetch, you can disable client ssl verification (when connecting to a server) with this line:
使用 node.js 客户端库作为节点提取,您可以使用以下行禁用客户端 ssl 验证(连接到服务器时):
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
But it will disable SSL verification at all, and you continue seeing a warning.但它会完全禁用 SSL 验证,并且您会继续看到警告。
A better idea is to add that certificate to the a bundle of own certificates.更好的主意是将该证书添加到自己的证书包中。 You must set an environtment variable.您必须设置环境变量。 For example, on windows is:例如,在 windows 上是:
SET "NODE_EXTRA_CA_CERTS=PATH TO OWN BUNDLE\\bundle.pem"
and then execute node.然后执行节点。 Of better, adding this environtment variable to the windows environtment variables.更好的是,将此环境变量添加到 windows 环境变量中。
The way you can retrieve public ssl server certificate is, using chrome, open that url on the browser.检索公共 ssl 服务器证书的方法是使用 chrome 在浏览器上打开该 url。 Then click on the security lock, clickon certificate, path to certificate, then click on the most top level certificate that lets you 'see certificate', then see certificate, then details, then copy to file.然后单击安全锁,单击证书,证书路径,然后单击让您“查看证书”的最顶级证书,然后查看证书,然后是详细信息,然后复制到文件。 Then select 2nd option (x.509 base 64 coded .CER), then save.然后选择第二个选项(x.509 base 64 coded .CER),然后保存。 So you now have that server public certificate.因此,您现在拥有该服务器公共证书。
Now you can rename file to bundle.pem, and use previous NODE_EXTRA_CA_CERTS system environtment property to point to that file.现在您可以将文件重命名为 bundle.pem,并使用以前的 NODE_EXTRA_CA_CERTS 系统环境属性指向该文件。
If you want to add more server certificates, just repeat chrome step, and to add the new_certificate.cer to the bundle.pem, just make如果要添加更多服务器证书,只需重复 chrome 步骤,并将 new_certificate.cer 添加到 bundle.pem,只需
cat bundle.pem new_certificate.cer > bundle.pem
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.