4

I'm trying to connect to a remote server using nodejs 0.12, and i keep getting the response SELF_SIGNED_CERT_IN_CHAIN. I have looked at similar questions 1 2 but somehow their solutions don't work on my server.

I am connecting to a test environment outside of my control setted up with a self signed certificate. This is my request:

var https = require("https");
var fs = require('fs');

start();

function start()
{
    var listadebancos = 
    {
        language:"es",
        command:"GET_BANKS_LIST",

        merchant:
        {
            apiLogin:"111111111111111",
            apiKey:"11111111111111111111111111",
        },

        test:true,
        bankListInformation:
        {
            paymentMethod:"PSE",
            paymentCountry:"CO"

        }
    };

    var listadebancosString = JSON.stringify(listadebancos);

    var headers = 
    {
        'Content-Type': 'application/json',
        'Content-Length': listadebancosString.length
    };

        var options= {
            host: 'stg.api.payulatam.com',
            rejectUnauthorized: false,
            agent:false,
            path: '/payments-api/4.0/service.cgi',
            method: 'POST',
            cert: fs.readFileSync('./stg.gateway.payulatam.crt'),

        }

        process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

        var req= https.request(options, funcionRespuesta);
        req.write(listadebancosString); 
        req.end();



        function funcionRespuesta(res) 
        {   console.log(res);
        }

    }

Am i missing something obvious?

Community
  • 1
  • 1
NicolasZ
  • 845
  • 4
  • 10
  • 26
  • remove and revoke the api keys. you need to either get the cert issuer to fix the cert or tell your http code to ignore the problem. I don't know how to do that with the stock http module; but with [request](https://github.com/request/request) you can pass an option `strictSSL: false`.also the cert option in https.request is a CLIENT cert. – Plato Apr 07 '15 at 02:30
  • i decided to use another library called needle and it solved the problem. Thanks for your suggestion anyway – NicolasZ Apr 07 '15 at 14:52
  • dude u still have a finance-related api key in your code, I am going to edit it out for you, but it is still visible to everyone on the internet forever in the edit history, so REVOKE it asap!! – Plato Apr 07 '15 at 15:50
  • Cheers! no worries, it is the public test key :) – NicolasZ Apr 07 '15 at 16:04

1 Answers1

4

I decided to use a library call needle to make the request and this time i was able to receive the response with no SSL errors. Just in case anyone is in the same situation here is the code i used:

var listadebancos = 
{
    "language":"es",
       "command":"GET_BANKS_LIST",
       "merchant":{
          "apiLogin:"111111111111111",
          "apiKey:"11111111111111111111111111",
       },
       "test":false,
       "bankListInformation":{
          "paymentMethod":"PSE",
          "paymentCountry":"CO"
       }
};

};

// var listadebancosString = JSON.stringify(listadebancos);

var headers = 
{
    'Content-Type': 'application/json'
};

    var options = {
        host: 'stg.api.payulatam.com',
        **json:true,**
        path: '/payments-api/4.0/service.cgi',
        method: 'GET',
        headers: headers,
        rejectUnauthorized: false,
        requestCert: true,
        agent: false,
        strictSSL: false,
    }       
    needle
      .post('stg.api.payulatam.com/payments-api/4.0/service.cgi',listadebancos, options, funcionRespuesta)
       .on('end', function() {
        console.log('Ready-o, friend-o.');
      })


    function funcionRespuesta(err, resp, body)
    {
        console.log(err);
        console.log(body);                  
    }
Plato
  • 10,812
  • 2
  • 41
  • 61
NicolasZ
  • 845
  • 4
  • 10
  • 26