Menu
I have created a soap client in node.js using soap.js.Soap communication is done over https. When I try to connect I keep getting this error
{ [Error: self signed certificate] code: 'DEPTH_ZERO_SELF_SIGNED_CERT' }
Below is my code
var url = '../public/test.wsdl';
var client = soap.createClient(url,sslOptions, function(err, client) {
client.setSecurity(new soap.WSSecurity('testuser', 'testpassword'));
client.CheckStatus(args, function(err, result) {
console.log(err);
// console.log(result);
});
});
I've also tried the following ssl setting but did't work out
sslOptions = {
key: fs.readFileSync( '../certs/test-key.pem'),
cert: fs.readFileSync( '../certs/test-cert.pem'),
rejectUnauthorized : false,
secureOptions : constants.SSL_OP_NO_TLSv1_2,
strictSSL : false
};
Any help would be appreciated !!
387
The easiest solution to resolve these errors is to use the “rejectUnauthorized” option shown below. However, this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack.
env. NODE_EXTRA_CA_CERTS . process stores information about the node process running. env stores all the environment variables (that get populated by dotenv-webpack ).
By setting rejectUnauthorized: false , you're saying "I don't care if I can't verify the server's identity." Obviously this is not a good solution as it leaves you vulnerable to MITM attacks.
Found it yesterday on their github repo
@tesfel tesfel commented on 17 Feb
Add the cert to your trusted list at you computer or add
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"to your code.
157
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
