14

I'm trying to do a post request via https with vue-axios. However, since i'm using a self-signed certificate that i created, i'm getting the following error:

net::ERR_CERT_AUTHORITY_INVALID

Upon searching i found that most people solve this by doing the following 

const instance = axios.create({
  httpsAgent: new https.Agent({  
    rejectUnauthorized: false
  })
});
instance.get('https://something.com/foo');

// At request level
const agent = new https.Agent({  
  rejectUnauthorized: false
});
axios.get('https://something.com/foo', { httpsAgent: agent });

I tried both option but didn't have any success with them. I used the npm https module for the https.Agent.

Does anyone know how to solve this problem? or should I just change from axios to other modules?

edited:

the piece of code I'm running with the error at the moment:

const axiosInstance = axios.create({
  baseURL: 'https://localhost:5000',
  httpsAgent: new https.Agent({
    rejectUnauthorized: false
  }),
});
axiosInstance.post('/user', LoginRequest, 
  { headers: { 'Content-Type': 'application/json' } })
    .then(response => this.assignLogin(response.data));

tried to change to a module named needle and use https but had the same error:

needle:

      const headers = { 'Content-Type': 'application/json' };
      const options = {
          method: 'POST',
          headers: headers,
          rejectUnauthorized: false,
          requestCert: true,
          agent: false,
          strictSSL: false,
      }
      needle.post('https://localhost:5000/user', LoginRequest, options).on('end', function() { })

https:

const options = {
         hostname: 'localhost',
         port: 5000,
         path: '/user',
         strictSSL: false,
         rejectUnauthorized: false,
         secureProtocol: 'TLSv1_method',
         method: 'POST',
         headers: {
           'Content-Type': 'application/json',
         },
       };
       const req = https.request(options, (res) => {
         console.log('statusCode:', res.statusCode);
         console.log('headers:', res.headers);

         res.on('data', (d) => {
           this.assignLogin(d);
         });
       });
       req.on('error', (e) => {
         console.error(e);
       });
       req.write(LoginRequest);
       req.end();
Radaeld
  • 175
  • 1
  • 2
  • 9
  • Where is your code? – Varit J Patel Mar 27 '19 at 16:54
  • added the axios piece above – Radaeld Mar 27 '19 at 16:58
  • 2
    If you are going to go through all this trouble to allow an invalid certificate, why not run your server in http mode while developing and then when in production get a valid certificate that matches the domain? – AlexC Mar 28 '19 at 02:04
  • In the docs for [axios](https://github.com/axios/axios) it is said: "`httpAgent` and `httpsAgent` define a custom agent to be used when performing http and https requests, respectively, **in node.js.**". I've seen them differentiate between browsers and node in the docs, so maybe this config is not suitable for browsers (Vue). At least it doesn't work for me either. – Pavel A May 16 '19 at 18:51

1 Answers1

21

Since you mention that you are "using a self-signed certificate that you created", I guess that you are using this for local development tests. I had a similar issue, when testing locally in Chrome.

As this error message (net::ERR_CERT_AUTHORITY_INVALID) is a way of Chrome blocking a URL with an "unsafe" certificate, you need to solve this issue through Chrome, telling it that you trust the certificate.
The solution I use is the old one thisisunsafe. (ONLY USE THIS SOLUTION IF YOU REALLY TRUST THE CERTIFICATE, I.E., IT'S YOUR OWN CERTIFICATE):

SOLUTION: Just open a tab in Chrome, try to open a URL with your server address (in your case, https://localhost:5000/). Chrome will display a warning message, so you click anywhere in the window, and type thisisunsafe. Chrome will now allow access to this certificate. When you reload the client again and try to request the server, it will work.

ofri cofri
  • 886
  • 10
  • 13