Skip to content

HTTPS: unable to verify the first certificate error #206

New issue
New issue
Open
Open
HTTPS: unable to verify the first certificate error#206
@CajunDust

Description

@CajunDust
CajunDust
opened on Jul 29, 2019

When I try to request resources from a https server that has an own certificate (valid, not a self signed), apparrently I get an error : UNABLE_TO_VERIFY_LEAF_SIGNATURE

Details:

ERROR :  { message: 'GENERAL ERROR : unable to verify the first certificate',
  url: 'https://demo.tailorfit.eu/images/backdrop.png',
  cause:
   { Error: unable to verify the first certificate
       at TLSSocket.onConnectSecure (_tls_wrap.js:1181:34)
       at TLSSocket.emit (events.js:197:13)
       at TLSSocket.EventEmitter.emit (domain.js:446:20)
       at TLSSocket._finishInit (_tls_wrap.js:672:8)
     code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
    ....

I tried to create a cert file from the intermediate and domain certificate, and add it as specified on the https lib, but this does not work...

Does this client lib not support adding the "ca" to the options ?
e.g.

let options = {
   connection: {
      ca: fs.readFileSync(crt_file_fullpath)
   }
}
...
 let req = client.get(url, options, function (data, response) {
    // ....
 }),

Example of our CRT file: tailorfit.txt

This works with the plain https library !
e.g. via code:

var fs = require('fs');
var https = require('https');
var options = {
   hostname: 'demo.tailorfit.eu',
   port: 443,
   path: '/images/backdrop.png',
   method: 'GET',
   ca: fs.readFileSync('tailorfit.txt')
};
var req = https.request(options, function(res) {
   res.on('data', function(data) {
       process.stdout.write(data);
   });
});
req.end();

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions