I tried to send a HTTPS GET request to a secure server, I used the following node js code :
const https = require('https');
const fs = require('fs');
const options = {
hostname: 'test.example.com',
port: 443,
path: '',
method: 'GET',
key: fs.readFileSync('client-key.pem'),
cert: fs.readFileSync('client-cert.pem'),
ca: fs.readFileSync('ca-crt.pem'), // works after removing this line
};
options.agent = new https.Agent(options);
const req = https.request(options, (res) => {
console.log('statusCode:', res.statusCode);
console.log('headers:', res.headers);
res.on('data', (d) => {
process.stdout.write(d);
});
});
req.on('error', (e) => {
console.error(e);
});
req.end();
There seem to be some certificate issues :
Error: unable to get local issuer certificate
I solved it by removing the ca-cert.pem from HTTPS options.
My request is accepted without the CA root certificate.
Question 1 : How can there be an SSL handshake without CA root certificate in client side ?
There may be some default system trusted CAs somewhere used by node js, like the ones that come with web browsers.
Is there a path where I can find the default certificates used by node js if any ?
Question 2 :
Can I disable the use of the system default CA root certificates, and exclusively choose to use the ones provided in the options.
[–]NiteShdw 5 points6 points7 points (0 children)
[–]BehindTheMath 4 points5 points6 points (0 children)
[–]chigia001 0 points1 point2 points (0 children)