Reputation: 165
"RequestError: Error: unable to verify the first certificate" error after updating certificate of API server
I have this website (let's call it a.com) which is on AWS. It is done using NodeJs backend and view front end. It is calling another system API (let's call it b.com) for the DATA from some other URL.
This site was working fine. We updated SSL certificate of site b.com and now site a.com is not able to receive data from site b.com.
When I checked the error log on AWS, this is the error I found:
RequestError: Error: unable to verify the first certificate
at new RequestError (/var/app/current/node_modules/request-promise-core/lib/errors.js:14:15)
at Request.plumbing.callback (/var/app/current/node_modules/request-promise-core/lib/plumbing.js:87:29)
at Request.RP$callback [as _callback] (/var/app/current/node_modules/request-promise-core/lib/plumbing.js:46:31)
at self.callback (/var/app/current/node_modules/request/request.js:185:22)
at emitOne (events.js:116:13)
What can be the issue?
Can I do any settings on my NodeJs server to load data from b.com?
The site is working fine on my localhost.
Upvotes: 0
Views: 5637
Answers (2)
Reputation: 13485
Necessary warning: Turning off all SSL certificate validation is dangerous. A MiTM attack (e.g. a sniffer/spoofer on your local network) can read or replace any of your data if you do it. Don't do it if you can help it.
A better solution: export or otherwise set
NODE_EXTRA_CA_CERTSenvironment variable for your process, and point it to a working root certificate CAs file.Configuration equivalent:
npm config set cafile "<path to certificate file>"A worse
solutionworkaround: export or otherwise setNODE_TLS_REJECT_UNAUTHORIZED=0environment variable.Configuration equivalent:
npm config set strict-ssl false. This may not work for installation scripts that ignore the configuration.
Upvotes: 3
Reputation: 3138
As the error message says, there are problems validating the SSL certificate of b.com.
I see you're using request library, so as a workaround you could pass strictSSL: false in options:
{
url: 'https://b.com',
method: 'GET',
...
strictSSL: false
}
Upvotes: 4
Related Questions
- Renewed my SSL certificate but getting UNABLE_TO_VERIFY_LEAF_SIGNATURE in nodejs on AWS EC2 server
- nodejs - certificate has expired
- Getting TLS Error in Node application API call
- Still receiving SSL error "CERT_HAS_EXPIRED" after setting NODE_EXTRA_CA_CERTS
- Request, Error: unable to verify the first certificate
- CERT_UNTRUSTED error when execute https request
- certificate issue in nodejs https request
- Unable to verify the first certificate in Node.js
- nodejs https server certificate error
- Unable to verify the first certificate