Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Node.js request CERT_HAS_EXPIRED

Tags:

javascript

node.js

express

request

I'm using Mikeal's request (https://github.com/mikeal/request) to make an https request to a server. However, I keep getting an authorization error of CERT_HAS_EXPIRED.

request({         url: 'https://www.domain.com/api/endpoint',         strictSSL: false     }, function(error, response, body) {         if(!error && response.statusCode == 200) {             res.json(JSON.parse(body));         } else {            res.json(response.statusCode, {'error': 'error'})         } });

I've tried setting strictSSL to true and false, both output same error of CERT_HAS_EXPIRED. What is causing this issue and is there any way to fix it in nodejs?

like image 650
wwwuser Avatar asked Dec 06 '13 20:12

wwwuser

2 Answers

The best way to fix this:

Renew the certificate. This can be done for free using Greenlock which issues certificates via Let's Encrypt™ v2

A less insecure way to fix this:

'use strict';  var request = require('request'); var agentOptions; var agent;  agentOptions = {   host: 'www.example.com' , port: '443' , path: '/' , rejectUnauthorized: false };  agent = new https.Agent(agentOptions);  request({   url: "https://www.example.com/api/endpoint" , method: 'GET' , agent: agent }, function (err, resp, body) {   // ... });

By using an agent with rejectUnauthorized you at least limit the security vulnerability to the requests that deal with that one site instead of making your entire node process completely, utterly insecure.

Other Options

If you were using a self-signed cert you would add this option:

agentOptions.ca = [ selfSignedRootCaPemCrtBuffer ];

For trusted-peer connections you would also add these 2 options:

agentOptions.key = clientPemKeyBuffer; agentOptions.cert = clientPemCrtSignedBySelfSignedRootCaBuffer;

Bad Idea

It's unfortunate that process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; is even documented. It should only be used for debugging and should never make it into in sort of code that runs in the wild. Almost every library that runs atop https has a way of passing agent options through. Those that don't should be fixed.

like image 109
coolaj86 Avatar answered Sep 22 '22 14:09

coolaj86

Add this at the top of your file:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

DANGEROUS This disables HTTPS / SSL / TLS checking across your entire node.js environment. Please see the solution using an https agent below.

like image 34
Dan Kohn Avatar answered Sep 23 '22 14:09

Dan Kohn
Sign in to Comment

Related questions

Non-AJAX jQuery POST request
Accessors are only available when targeting ECMAScript 5 and higher
Send JSON data with jQuery
Remove line breaks from start and end of string
Submit form after calling e.preventDefault()
How to loop through all the elements returned from getElementsByTagName [duplicate]
ES6 in JShint - .jshintrc has esversion, but still getting warning (using atom)
How can I select all options of multi-select select box on click?
How to get child element by index in Jquery?
Validate Radio Button AngularJS
Fastest JavaScript summation
How do I store javascript functions in a queue for them to be executed eventually [duplicate]
jQuery Keypress Arrow Keys
"Error: You may not call store.getState() while the reducer is executing."
Change the Arrow buttons in Slick slider
How to fill an input field using Puppeteer?
Add dynamic key, value pairs to JavaScript array or hash table
Skip decimal points on y-axis in chartJS
how to find the vertical distance from top in px of an element using jQuery
Yarn ERROR: There are no scenarios; must have at least one

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!