Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to disable ssl certificate validation or Is there something similar to rejectUnauthorized flag for TACO SDK FetchUtils? Alternatively: How to add my company cacert.pem to the fetcher? #1263

Open
RaamEEIL opened this issue Oct 25, 2024 · 0 comments

Comments

@RaamEEIL
Copy link

My company uses an Internal CA Root.

Fetching URLs from servers that are signed by this certificate chain will result in SELF_SIGNED_CERT_IN_CHAIN (see snippet below).

In JS this can be handled in 2 ways:

Disable the validation of the certificate by adding to the agent options, flag rejectUnathorized.

Or

Trust the corp CA Root by adding to the agent options 'ca: ' with the contents of the ca-cert.pem file.

As suggested in https://github.com/orgs/nodejs/discussions/44038

const agent = new https.Agent({
rejectUnauthorized: false,
});

fetch("https://google.com", { method: "get", body: body, agent });

My question is: How do I do this in TACO SDK?
How to disable the validation or alternatively trust the corp CA Certificate provide by ca-cert.pem file.

I couldn't find a parallel fields in FetchUtils package.

When fetching URLs from a server that is signed by the company's certificate I get error:

at ClientRequest.emit (node:events:519:28)
at emitErrorEvent (node:_http_client:108:11)
at TLSSocket.socketErrorListener (node:_http_client:511:5)
at TLSSocket.emit (node:events:519:28)
at emitErrorNT (node:internal/streams/destroy:169:8)
at emitErrorCloseNT (node:internal/streams/destroy:128:3)
at process.processTicksAndRejections (node:internal/process/task_queues:82:21) {
type: 'system',
errno: 'SELF_SIGNED_CERT_IN_CHAIN',
code: 'SELF_SIGNED_CERT_IN_CHAIN',
erroredSysCall: undefined

Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant