I am new to back-end development. And I am really enjoying writing code in node. However, there are few things I just can't seem to grasp. I kept getting the following error:
Error: DEPTH_ZERO_SELF_SIGNED_CERT
I fixed it by implementing the following code:
if ('development' == app.get('env')) { console.log("Rejecting node tls"); process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; }
I understand we are setting an environment. But, what does this mean in a plain language? I don't know how to explain it to someone else. There is a lot onof info, how to fix it, but I can't find anything on what does this actually mean.
Can someone explain?
In Node. js, process. env is a global variable that is injected during runtime. It is a view of the state of the system environment variables. When we set an environment variable, it is loaded into process.
It's a system environment variable that Node exposes to your application, and apparently the Express web server library popularized using its value to determine whether to do optimizations or not.
The process.env property is an inbuilt application programming interface of the process module which is used to get the user environment. Syntax: process.env. Return Value: This property returns an object containing the user environment.
Node is complaining because the TLS (SSL) certificate it's been given is self-signed (i.e. it has no parent - a depth of 0). It expects to find a certificate signed by another certificate that is installed in your OS as a trusted root.
Your "fix" is to disable Node from rejecting self-signed certificates by allowing ANY unauthorised certificate.
Your fix is insecure and shouldn't really be done at all, but is often done in development (it should never be done in production).
The proper solution should be to put the self-signed certificate in your trusted root store OR to get a proper certificate signed by an existing Certificate Authority (which is already trusted by your server).
As an additional point your logging should thus read "Disabling Node's rejection of invalid/unauthorised certificates"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With