Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SSL certificate - disable verification in axios and react

Tags:

I'm trying to consume an API in my react application using axios. The API works over HTTPS with self signed certificate. So far I've got the following error when connecting:

net::ERR_INSECURE_RESPONSE
bundle.js:65253 HTTP Failure in Axios Error: Network Error
    at createError (bundle.js:2188)
    at XMLHttpRequest.handleError (bundle.js:1717)

I tried the following but without success:

import axios from 'axios';

const https = require('https');

const agent = new https.Agent({
    rejectUnauthorized: false,
});

const client = axios.create({ //all axios can be used, shown in axios documentation
    baseURL: process.env.REACT_APP_API_URL,
    responseType: 'json',
    withCredentials: true,
    httpsAgent: agent
});

export default client;

Is there any way to disable the certificate verification?

like image 590
Goranov Avatar asked Dec 04 '17 10:12

Goranov


People also ask

How do I disable SSL verification in Axios?

You can configure axios to use a custom agent and set rejectUnauthorized to false for that agent: // At instance level const instance = axios. create({ httpsAgent: new https. Agent({ rejectUnauthorized: false }) }); instance.

Can I disable SSL verification?

Locate the control Validate Website SSL Certificates. From the list to the right side of this control, select Never. Click Save. SSL certificate validation is now disabled.

Is it possible to ignore SSL verification for fetch API in react app?

No, this error is from your browser and cannot be avoided in JavaScript. You must either add the self-signed certificate to your root certificate repository on your local machine or obtain a valid signed certificate from a free service such as Let's Encrypt.

How do I disable SSL validation in Chrome?

Right-click the Google Chrome shortcut on your desktop and select Properties. In the Target field simple append the following parameter after the quoted string: --ignore-certificate-errors.


1 Answers

Here is a way to have self-signed and accepted localhost certificates. Basically, you generate the certificate and add it to Chrome manually before using it.

Guide by Let's Encrypt: https://letsencrypt.org/docs/certificates-for-localhost/ (seems a bit advanced).

There is this answer too, that explains how to add certificate while you are at the site: https://stackoverflow.com/a/18602774

like image 157
dkasipovic Avatar answered Sep 18 '22 17:09

dkasipovic