Last active
June 18, 2024 06:53
Revisions
-
nanusdad renamed this gist
Jun 18, 2024 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Jun 18, 2024 .There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,15 @@ # How to resolve - unable to verify the first certificate in NodeJS ## Connect using SSL to ascertain the error `openssl s_client -connect foo.badssl.com:443 -servername foo.badssl.com` ## Save output to tmp file `openssl s_client -connect foo.badssl.com:443 -servername foo.badssl.com | tee /tmp/logcertfile` ## Find issuer and CRT file `openssl x509 -in /tmp/logcertfile -noout -text | grep -i "issuer"` ## Get the intermediate certificate from issues `curl --output sectigo.crt http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt` ## Convert to pem file `openssl x509 -inform DER -in sectigo.crt -out sectigo.pem -text` ## Use pem file in NODE_EXTRA_CA_CERTS environment variables `PORT=3000 ROOT_URL=https://prod.domain.com NODE_EXTRA_CA_CERTS="/home/admin/sectigo.pem" node main.js` [Read more on stackoverflow ...](https://stackoverflow.com/questions/31673587/error-unable-to-verify-the-first-certificate-in-nodejs)