Cheap and insecure answer: Add process.env[“NODE_TLS_REJECT_UNAUTHORIZED”] = 0; in code, before calling https.request() A more secure way (the solution above makes the whole node process insecure) is answered in this question
I have this functionality in exchangeIt, which connects to Microsoft exchange via WebDav. Here’s some code to create an HttpClient which will connect to self signed cert’s via SSL: SchemeRegistry schemeRegistry = new SchemeRegistry(); // http scheme schemeRegistry.register(new Scheme(“http”, PlainSocketFactory.getSocketFactory(), 80)); // https scheme schemeRegistry.register(new Scheme(“https”, new EasySSLSocketFactory(), 443)); HttpParams params = new BasicHttpParams(); params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, … Read more
On Windows the easiest way is to use the program portecle. Download and install portecle. First make 100% sure you know which JRE or JDK is being used to run your program. On a 64 bit Windows 7 there could be quite a few JREs. Process Explorer can help you with this or you can … Read more
How to Configure WAMPServer to use HTTPS SSL This is not a trivial process. This tutorial will, hopefully, get SSL working for you. However getting it configured correctly once it is working is TOTALLY DOWN TO YOU. Additional reading for all who travel this road Ok, I have based this tutorial on the creation of … Read more
I think I’ve figured this one out. I imported the new WWDR Certificate that expires in 2023, but I was still getting problems building and my developer certificates were still showing the invalid issuer error. In keychain access, go to View -> Show Expired Certificates. Then in your login keychain highlight the expired WWDR Certificate … Read more
With SNI If the remote server is using SNI (that is, sharing multiple SSL hosts on a single IP address) you will need to send the correct hostname in order to get the right certificate. openssl s_client -showcerts -servername www.example.com -connect www.example.com:443 </dev/null Without SNI If the remote server is not using SNI, then you … Read more
According to this answer, it is possible, but rarely used. As for how to get it: I would tend to simply try and order one with the provider of your choice, and enter the IP address instead of a domain during the ordering process. However, running a site on an IP address to avoid the … Read more
Relating to ‘SSL certificate problem: unable to get local issuer certificate’ error. It is important to note that this applies to the system sending the CURL request, and NOT the server receiving the request. Download the latest cacert.pem from https://curl.se/ca/cacert.pem Add the ‘–cacert /path/to/cacert.pem’ option to the curl command to tell curl where the local … Read more
Contrary to the accepted answer you do not need a custom trust manager, you need to fix your server configuration! I hit the same problem while connecting to an Apache server with an incorrectly installed dynadot/alphassl certificate. I’m connecting using HttpsUrlConnection (Java/Android), which was throwing – javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. … Read more
The problem appears when your server has self signed certificate. To workaround it you can add this certificate to the list of trusted certificates of your JVM. In this article author describes how to fetch the certificate from your browser and add it to cacerts file of your JVM. You can either edit JAVA_HOME/jre/lib/security/cacerts file … Read more