Node.js error with SSL UNABLE_TO_VERIFY_LEAF

System: Windows 7

NodeJS version: 0.10.2

WS module: ws, last version

Error:

events.js:72
        throw er; // Unhandled 'error' event
              ^
Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
    at SecurePair. (tls.js:1283:32)
    at SecurePair.EventEmitter.emit (events.js:92:17)
    at SecurePair.maybeInitFinished (tls.js:896:10)
    at CleartextStream.read [as _read] (tls.js:430:15)
    at CleartextStream.Readable.read (_stream_readable.js:294:10)
    at EncryptedStream.write [as _write] (tls.js:344:25)
    at doWrite (_stream_writable.js:211:10)
    at writeOrBuffer (_stream_writable.js:201:5)
    at EncryptedStream.Writable.write (_stream_writable.js:172:11)
    at write (_stream_readable.js:547:24)

Server:

(function(){

    "use strict";

    var fs = require('fs');

    // you'll probably load configuration from config
    var cfg = {
        ssl: true,
        port: 8080,
        ssl_key: 'crt/server1.key',
        ssl_cert: 'crt/server1.crt'
    };

    var httpServ = require('https') 

    var WebSocketServer   = require('ws').Server;

    var app      = null;

    // dummy request processing
    var processRequest = function( req, res ) {

        res.writeHead(200);
        res.end("All glory to WebSockets!\n");
    };

    if ( cfg.ssl ) {

        app = httpServ.createServer({

            // providing server with  SSL key/cert
            key: fs.readFileSync( cfg.ssl_key ),
            cert: fs.readFileSync( cfg.ssl_cert ),
            //requestCert: true,
            //rejectUnauthorized: false

        }, processRequest ).listen( cfg.port );

    } else {

        app = httpServ.createServer( processRequest ).listen( cfg.port );
    }

    // passing or reference to web server so WS would knew port and SSL capabilities
    var wss = new WebSocketServer( { server: app } );


    wss.on( 'connection', function ( wsConnect ) {

        wsConnect.on( 'message', function ( message ) {

            console.log( message );

        });

    });


}());

Client:

var WebSocket = require('ws');
var ws = new WebSocket('wss://localhost:8080');
ws.on('open', function() {
    ws.send('something');
});

The certificate confirmed.

Help> please!

Does node js support https?

To create an HTTPS server, you need two things: an SSL certificate, and built-in https Node. js module. We need to start out with a word about SSL certificates. Speaking generally, there are two kinds of certificates: those signed by a 'Certificate Authority', or CA, and 'self-signed certificates'.

What is Node_extra_ca_certs?

NODE_EXTRA_CA_CERTS. From Node version 7.3. 0, NODE_EXTRA_CA_CERTS environment variable is introduced to pass in a CA certificate file. This allows the “root” CAs to be extended with the extra certificates in file. The file should consist of one or more trusted certificates in PEM format.

What is rejectUnauthorized?

By setting rejectUnauthorized: false , you're saying "I don't care if I can't verify the server's identity." Obviously this is not a good solution as it leaves you vulnerable to MITM attacks.

I'm using a package called "superagent" and getting the same error. After trying several potential fixes, I came across this one that works for me 100% of the time:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

There's no need to do any requires or whatever : just add this to your code before your network calls and you're good to go.

Node.js error with SSL UNABLE_TO_VERIFY_LEAF_SIGNATURE

Tags:

javascript

node.js

windows

ssl

openssl

Yaroslav L.

People also ask

Video Answer

1 Answers

dpjanes

Recent Activity

Donate For Us