Node Fetch Request Fails on Server: Unable to Get Local Issuer Certificate

Question

~ I'm using Node 10.9.0 and npm 6.2.0 ~

I have the following app running that allows me to make a request to the same site over http and over https.

var fetch = require('node-fetch')
const express = require('express')
const app = express()

//-- HTTP --
app.get('/test-no-ssl', function(req, res){
  fetch('http://jsonplaceholder.typicode.com/users')
  .then(res => res.json())
  .then(users => {
    res.send(users)
  }).catch(function(error) {
    res.send(error)
  })
})

//-- HTTPS --
app.get('/test-ssl', function(req, res){
  fetch('https://jsonplaceholder.typicode.com/users')
  .then(res => res.json())
  .then(users => {
    res.send(users)
  }).catch(function(error) {
    res.send(error)
  })
})

app.listen(3003, () => 
  console.log('Listening on port 3003...')
)

Both of these work fine on my local machine and return the JSON response that Typicode provides. But when I deploy these as a Node app on my web host (FastComet), I get the following results:

HTTP /test-no-ssl - Returns the JSON as expected

HTTPS /test-ssl - Returns the following error:

{ 
  "message" : "request to https://jsonplaceholder.typicode.com/users failed, reason: unable to get local issuer certificate",
  "type" : "system",
  "errno" : "UNABLE_TO_GET_ISSUER_CERT_LOCALLY",
  "code" : "UNABLE_TO_GET_ISSUER_CERT_LOCALLY"
}

I searched for this error and tried a couple of the usual fixes, but nothing has helped.

These didn't work:

npm config set registry http://registry.npmjs.org/

npm set strict-ssl=false

Has anyone else run into this on a shared hosting provider (that supports Node) and has been able to get this to work? Perhaps even someone who uses FastComet? The support staff of the host doesn't seem to know what to do either, so I'm at a loss.

Answer 1

Try using the following:

process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0

Answer 2

Hosting has probably some issue with list of certificate authorities... as a workaround you could try to ignore certificate validity.

const fetch = require('node-fetch')
const https = require('https')
const express = require('express')
const app = express()

const agent = new https.Agent({
  rejectUnauthorized: false
})

//-- HTTP --
app.get('/test-no-ssl', function(req, res){
  fetch('http://jsonplaceholder.typicode.com/users')
    .then(res => res.json())
    .then(users => {
      res.send(users)
    }).catch(function(error) {
    res.send(error)
  })
})

//-- HTTPS --
app.get('/test-ssl', function(req, res){
  fetch('https://jsonplaceholder.typicode.com/users', { agent })
    .then(res => res.json())
    .then(users => {
      res.send(users)
    }).catch(function(error) {
    res.send(error)
  })
})

app.listen(3003, () =>
  console.log('Listening on port 3003...')
)

Note: this has security implications, making https insecure the same way as http.