
Node.JS Error- process.env.NODE_TLS_REJECT_UNAUTHORIZED. What does this mean?

I am new to back-end development, and I am really enjoying writing code in Node. However, there are a few things I just can't seem to grasp. I kept getting the following error:

Error: DEPTH_ZERO_SELF_SIGNED_CERT

I fixed it by implementing the following code:

    if ('development' == app.get('env')) {
        console.log("Rejecting node tls");
        process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
    }

I understand we are setting an environment. But what does this mean in plain language? I don't know how to explain it to someone else. There is a lot of info on how to fix it, but I can't find anything on what this actually means.

Can someone explain?

Mihir Patel asked Feb 25 '16 17:02


1 Answer

Node is complaining because the TLS (SSL) certificate it's been given is self-signed (i.e. it has no parent - a depth of 0). It expects to find a certificate signed by another certificate that is installed in your OS as a trusted root.

Your "fix" is to disable Node from rejecting self-signed certificates by allowing ANY unauthorised certificate.

Your fix is insecure and shouldn't really be done at all, but is often done in development (it should never be done in production).

The proper solution should be to put the self-signed certificate in your trusted root store OR to get a proper certificate signed by an existing Certificate Authority (which is already trusted by your server).

As an additional point your logging should thus read "Disabling Node's rejection of invalid/unauthorised certificates"

Philip Whitehouse answered Sep 20 '22 12:09
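
As an added example (not part of the original question or answer, and not any project's own code): a startup guard plus per-connection TLS options that trust one self-signed development certificate while leaving verification on, instead of setting NODE_TLS_REJECT_UNAUTHORIZED to "0". The function names are hypothetical, and the certificate is assumed to be supplied as PEM text.

```javascript
// Added example; all function names here are hypothetical.

// Node turns off certificate verification for every TLS connection in the
// process when this variable is exactly the string "0".
function verificationDisabled(env) {
  return env.NODE_TLS_REJECT_UNAUTHORIZED === '0';
}

// Startup guard: throw if verification is off anywhere except development.
// Returns true when certificates are being verified, false when they are not.
function assertTlsVerification(env) {
  if (verificationDisabled(env) && env.NODE_ENV !== 'development') {
    throw new Error('NODE_TLS_REJECT_UNAUTHORIZED=0 outside development: ' +
      'TLS certificates are not being verified');
  }
  return !verificationDisabled(env);
}

// Options that trust one extra certificate (for example the dev server's
// self-signed cert) for a single connection or agent. Verification stays on.
// Note: passing `ca` replaces Node's default CA list for that connection,
// so use these options only for the host that presents this certificate.
function tlsOptionsTrusting(caPem) {
  if (typeof caPem !== 'string' ||
      !caPem.includes('-----BEGIN CERTIFICATE-----')) {
    throw new TypeError('expected a PEM-encoded certificate');
  }
  return { ca: [caPem], rejectUnauthorized: true };
}

// Agent for https.request()/https.get() built from those options.
function httpsAgentTrusting(caPem) {
  const https = require('node:https');
  return new https.Agent(tlsOptionsTrusting(caPem));
}
```

To trust the certificate process-wide without code changes, Node also reads the NODE_EXTRA_CA_CERTS environment variable (a path to a PEM file) at startup.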