CODEWITHSUNDEEP
angularrxjsangular5javascript-frameworkangular-http
AndreaNobili
AndreaNobili

Reputation: 42957

Why am I obtaining this ERR_CERT_AUTHORITY_INVALID error calling an HTTPS API using a self signed certificate from an Angular service?

I have the following problem trying to call an external REST HTTPS API from an Angular service:

I have this Angular service:

@Injectable()
export class MailDetailProtocolloService {

    private protocolloAooApiUrl = 'https://myservercom:443/my_project/api/GetDeparmentsList';  

    constructor(
        private http: HttpClient
    )
    {
    }

    /** GET AOO List chiamando un'API esterna */

    getAooList(): Observable<Aoo[]> {
        return this.http.get<Aoo[]>(this.protocolloAooApiUrl)
    }

}

The problem is that this API use a self signed certificate and calling it I obtain this error message in the console:

GET https://myservercom:443/my_project/api/GetDeparmentsList net::ERR_CERT_AUTHORITY_INVALID

Why? How can I fix it and call it using this self signed certificate?

Upvotes: 1

Views: 9994

Answers (1)

ggradnig
ggradnig

Reputation: 14169

Self-signed certificates aren't accepted by browsers per default. There is a list of trusted certification authorities (short 'CA') installed on your computer that are allowed to issue certificates. In order to have your computer trust your certificate, you have to either add your CA to this trust list manually or install the self-signed certificate directly.

How to do this depends on your operating system and browser.

Here is the tutorial for Windows

Here is the turorial for Mac

Here is the tutorial for Linux

Unlike with "fat clients", there isn't any way to do this automatically with web applications; it's a default security policy for all modern browsers. Imagine a website could send sensitive data in the background to a malicious website.

Upvotes: 4

Related Questions