Skip to content

Instantly share code, notes, and snippets.

@nanusdad

nanusdad/first-certificate-error.md

Last active June 18, 2024 06:53
Show Gist options
  • Save nanusdad/08c0d4afcd4a339c32b64979315f9615 to your computer and use it in GitHub Desktop.
Save nanusdad/08c0d4afcd4a339c32b64979315f9615 to your computer and use it in GitHub Desktop.
Download ZIP
How to resolve - unable to verify the first certificate in NodeJS
Raw
first-certificate-error.md

How to resolve - unable to verify the first certificate in NodeJS

Connect using SSL to ascertain the error

openssl s_client -connect foo.badssl.com:443 -servername foo.badssl.com

Save output to tmp file

openssl s_client -connect foo.badssl.com:443 -servername foo.badssl.com | tee /tmp/logcertfile

Find issuer and CRT file

openssl x509 -in /tmp/logcertfile -noout -text | grep -i "issuer"

Get the intermediate certificate from issues

curl --output sectigo.crt http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Convert to pem file

openssl x509 -inform DER -in sectigo.crt -out sectigo.pem -text

Use pem file in NODE_EXTRA_CA_CERTS environment variables

PORT=3000 ROOT_URL=https://prod.domain.com NODE_EXTRA_CA_CERTS="/home/admin/sectigo.pem" node main.js

Read more on stackoverflow ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment