CERT_UNTRUSTED error when execute https request

Question

I am trying to execute https request from my node server side but it give me following error :-

Caught exception: Error: CERT_UNTRUSTED

If i execute http request then it's working fine but for https links its not working.

Here is my code:-

var request = require('request');
request('https://en.m.wikipedia.org/wiki/Astrid_Olofsdotter_of_Sweden', function (error, response, body) {
  if (!error && response.statusCode == 200) {
    console.log(body) // Show the HTML for the Google homepage.
  }
})

Any Idea?

Answer 1

This could be down to a number of things, Ive run your code and its fine for me

node --version
v0.12.5

so I would look at

1. the version of nodejs you are using

periodically root certificates are updated , i would suggest updating as it could possibly be that the cert used is newer than the root certificates in your distribution and is hence showing as untrusted

2. network - its possible that you are behind a proxy that does something unexpected with your requests

3. the target server , it could be returning something unexpected.

The most likely is 1, that you are using a version of nodejs that doesnt recognise the certificate provider of the site and therefore says that its untrusted.

I'd put 2 and 3 about the same level of likelyhood. if you are spidering wikipedia, its possible they've blocked you / pushed you to an error page where the certificate may not be valid.

Whilst you can , as the other posters have suggested, turn off verification, I would advise against it as a habit. And never do it in production environments.

The only time I break this rule is for self signed certificates on local machines.

Answer 2

You can bypass https using below commands:

npm config set strict-ssl false

Setting strict-ssl false allows all the node server to access any url.

or set the registry URL from https or http like below:

npm config set registry="http://registry.npmjs.org/"

Note: However, Personally I believe bypassing https is not the real solution, but we can use it as a workaround.

Hope this helps.

Answer 3

It looks like a SSL issue, Best way to fix SSL of Network Environment.

---

For now you can bypass issue by making rejectUnauthorized as false

const request = require("request");
const https = require('https');
const agentOptions = {
    host: 'en.m.wikipedia.org',
    port: '443',
    path: '/wiki/Astrid_Olofsdotter_of_Sweden',
    rejectUnauthorized: false
};
const agent = new https.Agent(agentOptions);

const postOption = {
    method: 'GET',
    agent: agent,
    uri: 'https://en.m.wikipedia.org/wiki/Astrid_Olofsdotter_of_Sweden'
};

request(postOption, function (error, response, body) {
  if (!error && response.statusCode == 200) {
    console.log(body);
  }
});

Answer 4

A very close answer is located here.

A very detailed & specific answer to this question is given here.

I would recommend the following:

Before calling https.request() set:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

In the agent options, set:

const agentOptions = {    
    ... 
    rejectUnauthorized: false
};

Also, refer to the documentation for TLS/SSL of request library.