TechQA.

Specify self signed certificate in pact provider testing

835 views Asked by At

I am currently testing my pact contracts using the below provider options

let opts = {
            provider: "api",
            providerBaseUrl: "https://my-domain.com",
            pactUrls: [
                path.resolve(
                    process.cwd(),
                    "./pacts/pact-api.json"
                ),
            ],
            validateSSL: false,
            changeOrigin: true,
            providerVersion: "1.0.0"
        }
        return new Verifier(opts).verifyProvider().then(output => {
            console.log("Pact Verification Complete!")
            console.log(output)
        })

When I give the base url as https I get the below error:

Uncaught Error: write EPROTO 140574248376192:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:

      at WriteWrap.onWriteComplete [as oncomplete] (internal/stream_base_commons.js:92:16)

If I change the url to have http: it does a redirect (I get redirect status code 308).

The https url is a self signed url, and the self signed certificate is present in all our servers. I have no issues accessing the url from any browser or curl or via express.js.

But if I provide the url directly in provider options, I get the error. I went through the pact documentation and I was not able to find any additional arguments.

Any help to overcome this issue is highly appreciated.

Thanks.

Update: The issue was running pact inside a docker container. The requests from the container were being blocked by an internal proxy. Once the proxy was bypassed, it worked.

node.js datacontract pact pact-node
Original Q&A
2

There are 2 answers

0
Beth Skurrie On

Under the hood, pact-js uses the "pact-ruby-standalone". You can set the certificate for the pact-ruby-standalone using the environment variables SSL_CERT_FILE as documented here: https://github.com/pact-foundation/pact-ruby-standalone/releases#pact-provider-verifier

0
Matthew Fellows On

UPDATE:

The issue was due to VPN/proxy settings on the host which was intercepting the request and presenting an invalid certificate.

ORIGINAL POST:

Whilst Beth is correct in that we do use that Ruby library under the hood, Pact JS actually spins up a proxy which the Ruby standalone actually interacts with - i.e. Ruby talks to a local JS server running http, and the proxy re-issues the request to the service. So the issue is most likely in the Pact JS framework.

There could be a few things happening here:

  1. There is an issue in the library somewhere
  2. There is a configuration issue somewhere we need to get to the bottom of
  3. There is something special about the TLS certificate

Could you please update the bug report at https://github.com/pact-foundation/pact-js/issues/429 ?

We're going to need logs and other information to get to the bottom of it (see https://github.com/pact-foundation/pact-js/blob/master/.github/issue_template.md for how to help us help you).

Related Questions in NODE.JS

Related Questions in DATACONTRACT

Related Questions in PACT

Related Questions in PACT-NODE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions