How to disable SSL verification in node.js

Question

如何使用node.js禁用客户端 SSL 验证？

Answer 1

Using a node.js client library as node-fetch, you can disable client ssl verification (when connecting to a server) with this line:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

But it will disable SSL verification at all, and you continue seeing a warning.

A better idea is to add that certificate to the a bundle of own certificates. You must set an environtment variable. For example, on windows is:

SET "NODE_EXTRA_CA_CERTS=PATH TO OWN BUNDLE\\bundle.pem"

and then execute node. Of better, adding this environtment variable to the windows environtment variables.

The way you can retrieve public ssl server certificate is, using chrome, open that url on the browser. Then click on the security lock, clickon certificate, path to certificate, then click on the most top level certificate that lets you 'see certificate', then see certificate, then details, then copy to file. Then select 2nd option (x.509 base 64 coded .CER), then save. So you now have that server public certificate.

Now you can rename file to bundle.pem, and use previous NODE_EXTRA_CA_CERTS system environtment property to point to that file.

If you want to add more server certificates, just repeat chrome step, and to add the new_certificate.cer to the bundle.pem, just make

cat bundle.pem new_certificate.cer > bundle.pem