stackoom
  简体   繁体   中英

Unable to verify the first certificate - Nodejs TLS

 原文  2019-12-04 13:20:38       node.js/ ssl/ tls1.2/ ftps

Question

I'm using the node-module basic-ftp to try to establish a secure connection via TLS/ SSL . The server uses a wildcard CA-signed certificate as it's hostname. I can't seem to find an answer for the followig error code.

Connected to 1.1.1.1:21
< 220 Welcome to ftp.foo.com  
> AUTH TLS 
< 234 Using authentication type TLS
{ Error: unable to verify the first certificate
   at TLSSocket.onConnectSecure (_tls_wrap.js:1051:34)
   at TLSSocket.emit (events.js:189:13)
   at TLSSocket._finishInit (_tls_wrap.js:633:8) code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE' 
}

Below you find the sample code:

const ftp = require("basic-ftp");

async establishFtpsConnection() {
    const client = new ftp.Client();
    client.ftp.verbose = true;

    try {
        await client.access({
            host: "ftp.foo.com",
            user: "bar",
            password: "1234",
            port: 21,
            secure: true
        });

        const list = await client.list();
        console.log(list);
    } catch (err) {
        console.log(err);
    }

    client.close();
}

NOTE: I'm trying to get it to work for my production environment. So disabling or rejecting unauthorization is NO option for me.

process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';

OR

rejectUnauthorized: false

1 answers

solution1
 0  2019-12-04 14:33:05

Try this :

const ftp = require("basic-ftp");

async establishFtpsConnection() {
    const client = new ftp.Client();
    client.ftp.verbose = true;
    const tlsOptions = {
            cert: fs.readFileSync('fullchain.pem', 'ascii')
             // a PEM containing the SERVER and ALL INTERMEDIATES
           }


    try {
        await client.access({
            host: "ftp.foo.com",
            user: "bar",
            password: "1234",
            port: 21,
            secure: true,
           secureOptions:tlsOptions
        });

        const list = await client.list();
        console.log(list);
    } catch (err) {
        console.log(err);
    }

    client.close();
}

If you are still getting an error then try to inject root SSL certificates

var sslRootCAs = require('ssl-root-cas/latest')
sslRootCAs.inject()

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question elasticdump with TLS - unable to verify the first certificate unable to verify the first certificate in nodejs with loopbackjs Nodejs Fetch API: unable to verify the first certificate Error: unable to verify the first certificate in nodejs Unable to verify the first certificate Unable to verify the first certificate; NodeJs vs Python Requests Error: unable to verify the first certificate in nodejs azure queue storage createMessage stompit is nodejs module failed to connect with error “”Unable to verify the first certificate" SwagQL - Unable to verify the first certificate "unable to verify the first certificate" when connecting to elasticsearch from nodejs using self-generated certificates
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM