How to ignore SSL issues

[Eric24]

Is it possible to configure Axios (running in node.js) to ignore specific SSL errors (like expired certificates)? I'd like to know that the SSL certificate has a problem, but I want the transaction to complete anyway (by default, it fails).

[nickuraltsev]

You can configure axios to use a custom agent and set rejectUnauthorized to false for that agent:

// At instance level
const instance = axios.create({
  httpsAgent: new https.Agent({  
    rejectUnauthorized: false
  })
});
instance.get('https://something.com/foo');

// At request level
const agent = new https.Agent({  
  rejectUnauthorized: false
});
axios.get('https://something.com/foo', { httpsAgent: agent });

Hope this helps!

[bairisuresh]

@nickuraltsev
its not working with above changes
const https = require('https');
axios({
url: url,
method: 'GET',
headers: {
'Content-Type': 'application/json'
},
responseType: 'json',
httpsAgent: new https.Agent({ rejectUnauthorized: false })
})
.then(response => {
})
.catch(error => {
})
}
}

[Eric24]

Actually, I find that it does work, but it specifically addresses self-signed certificates. It does not allow expired or invalid certificates. To allow any certificate, you have to add this line near the top of your code;

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

This will allow just about anything, but it's also dangerous, so use with caution.

[bairisuresh]

@Eric24
It's not working if i add the above code at first line of my file.
Please let me know exact path for adding.

[Eric24]

For me (needing to ignore an expired but otherwise valid certificate), it worked by simply adding this line right after "use strict"; at the top of the main node.js file, before any other code. It's an all-or-nothing setting, but it's purpose is to allow an HTTPS transaction to complete when the agent would otherwise terminate the transaction due to a certificate issue. Maybe your particular scenario is not related to the certificate?

[fairyly]

if not in node ,how to get https module????

[psahni]

https module DOES NOT work with react-native

[xmeltrut]

+1

[Germinate]

@psahni Do you know how to ignore the ssl issue in React Native?

[psahni]

@Germinate - I am still struggling with the same issue. We have to change the native android code. And we have to build react native from source. I don't know how to do it yet.
One solution is please create a proxy server in node in between the react native and main server. And route the request from react native to node proxy to main server.

[Germinate]

@psahni Have you tried this solution?

[psahni]

@Germinate - Looks great!. Thanks for sharing it. So after making those changes. Can we use react-native module directly ?

[zaiz91]

Still not working with react native :/

[lben]

Does it work in the browser? I am using axios with a vue js application and I am getting this net::ERR_CERT_AUTHORITY_INVALID error with a self signed certificate. The proposed solution assumes that I can use https.Agent but I don't know how can I use the https module on vue. Is there another way? thanks

[lfaz]

do we have https inside react-native? if yes how do we include it?

[RobotOptimist]

if you are using nuxt/axios you can achieve the above by creating a plugin with the following code:
Here is the documented method to create the plugin in nuxt: https://axios.nuxtjs.org/extend.html

This pattern of development can be useful if you are developing an API locally with a self-signed cert.

import https from 'https';

export default function ({ $axios, store }) {
    const agent = new https.Agent({  
        rejectUnauthorized: false
      });    
    $axios.onRequest(config => {
        if (process.env.dev) {
            config.httpsAgent = agent;
        }                     
    });
}

[mehsieh89]

what is a "post" example of this?

Currently trying to do a post request, and ignore SSL.

[willwillis]

if you are using nuxt/axios you can achieve the above by creating a plugin with the following code:
Here is the documented method to create the plugin in nuxt: https://axios.nuxtjs.org/extend.html

This pattern of development can be useful if you are developing an API locally with a self-signed cert.

import https from 'https';

export default function ({ $axios, store }) {
    const agent = new https.Agent({  
        rejectUnauthorized: false
      });    
    $axios.onRequest(config => {
        if (process.env.dev) {
            config.httpsAgent = agent;
        }                     
    });
}

Do I call my existing asyncData or axios requests any differently after creating axios.js in the modules folder?

[SamiChab]

Look at this, it solved it for me: https://stackoverflow.com/a/54475750/8577483

[emileindik]

Still experiencing this issue. Using https-browserify to get the node's https module in browser.

const instance = axios.create({
    httpsAgent: new https.Agent({  
        rejectUnauthorized: false
    })
});

instance.post("https://...");

returns ERR_CERT_AUTHORITY_INVALID

[ivnsch]

I also get the error, using app created with react-create-app

const axios = require('axios');
const https = require('https');

const result = await axios('https://localhost:8080/search/' + text, {
    headers: {"lang": lang},
    httpsAgent: new https.Agent({
        rejectUnauthorized: false
    })
});

I also tried adding process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; at the beginning of the file (below const https = require('https');) with no effect.

[geoidesic]

Why was this closed? Doesn't look like there's a working solution.

[alexkb]

I came across this thread due to an 'ssl handshake failed' error in my logs and considered trying to turn off the checks as described by others above. After lots of troubleshooting (I originally went down a path of thinking it was CORS related) it ended up being because my SSL certificate didn't have the CA certificate bundled in. If you suspect this could be it, use one of the free SSL checking services like https://www.ssllabs.com/ssltest/ or https://www.digicert.com/help/ to confirm your certificate is good. Hope this can help someone else.

[Tobjoern]

I was suddenly struggeling with this issue aswell (in spite of not having changed anything). What fixed it for me was simply performing a standard GET request via a new tab. By this I mean if you have a route "/users", try opening a new tab with {serverPath}/users. It helped me, though I am not sure why.

[simplenotezy]

You could also just add the environment variable when you start your dev environment:

export NODE_TLS_REJECT_UNAUTHORIZED=0 && yarn dev --env.NODE_TLS_REJECT_UNAUTHORIZED=0

And perhaps add it to your package.json file

"scripts": {
  "dev": "export NODE_TLS_REJECT_UNAUTHORIZED=0 && nuxt --env.NODE_TLS_REJECT_UNAUTHORIZED=0",

[khatekar]

I am facing the same issue. I am using axios and using POST method. I tried all solutions mentioned above but no luck. Did anyone find the working solutions? Thank you.

[Falci]

I couldn't make it work for a single instance.

// doesn't work
axios.create({
    httpsAgent: new https.Agent({ rejectUnauthorized: false })
});

// it works
https.globalAgent.options.rejectUnauthorized = false;

Using node;
This is the SSL error: unable to get local issuer certificate (20) (from a curl request)

[Foskas]

There is any update on this for React Native ?

[jack1012t]

I am experiencing the same issue as @Falci is - only works when setting the flag globally. My issue is a bit different though, Error: self signed certificate in certificate chain

[khatekar]

I am facing the same issue. I am using axios and using POST method. I tried all solutions mentioned above but no luck. Did anyone find the working solutions? Thank you.

import axios from "axios";
const https = require('https');

const resp = await axios({
      url,
      method: "POST",
      auth,
      httpsAgent: new https.Agent({
        rejectUnauthorized: false
      })
    });

Worked for me.

[fozhao]

Got stuck here for React Native environment. Any solution for React Native app please?

[Foskas]

Hi @fozhao

If you're trying to use invalid certificates you can try to follow this approach:

1. Install the certificate in your macbook
2. Force trust the certificate and export it
3. iOS - Install the export certificate on the devices and problem solved.
   Android - Install the exported certificate on the device and add the following to yout network_security_config.xml file.

<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="system"/>
            <certificates src="user"/>
        </trust-anchors>
    </base-config>
     ....
</network-security-config>

This solution worked for my.
Thank you!

[tamangsuresh]

@Fonger plz elaborate more with hits and example.

[DeLandtsheerTijl]

https module is for node, doesn't work in Vue/React/... Basically results in the same as process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
If you want to ignore SSL because you're using SSR and you're prefetching data on the local server anyway, this doesn't result in any security issues.

Make sure to set that env variable on the server though, I made the mistake trying to set it on the client and so the server still crashed.

[Fonger]

@tamangsuresh why me?