2

I am playing around and learning Express Gateway. The getting started guide requires that I make calls to an https endpoint. My organization runs all requests through a middlebox that sniffs https content and has its root certs installed on our machines. So basically all https payloads are signed with the organization's own certs.

Basically when Express Gateway makes the call and sees this cert it doesn't trust, it throws an error. I have tried to set NODE_TLS_REJECT_UNAUTHORIZED=0 to temporarily disable certificate verification, but still I see the error and the connection is rejected:

enter image description here

How can I temporarily disable certificate verification in Express Gateway?

As a longer term solution, I've seen a post about how to get Node to trust my OS certificates by setting the NODE_EXTRA_CA_CERTS environment variable, but I don't know which file to point to on my system as the certificate file

Update 1 (2020.26.02)

I followed Vicenzo's advice and tried to call the script directly rather than via an npm script but it doesn't work. I've added a console log at the top of the server.js file to see the value of NODE_TLS_REJECT_UNAUTHORIZED. When I don't set the variable, and I try to proxy to an https service this is what I see:

enter image description here

When I set the variable, again executing the script directly, this is what I see -- the gateway still rejects the self-signed certificate:

enter image description here

BeetleJuice
  • 39,516
  • 19
  • 105
  • 165
  • How are you setting such environment variable? It appears to me you didn't set it correctly. – Vincenzo Feb 25 '20 at 12:02
  • Hi Vincenzo! I'm on Windows. I set the variable by running `set NODE_TLS_REJECT_UNAUTHORIZED=0` before running `npm start` from the same prompt. The warning about "disabling certificate verification" (see next to last line in the screenshot) only shows up when I set that environment var. That's why I think it was set correctly – BeetleJuice Feb 25 '20 at 13:48
  • @Vincenzo is there another way I should be setting that up? Does Express Gateway itself have a relevant setting? – BeetleJuice Feb 25 '20 at 14:30
  • It seems apparently all correct, the only thing I would try to do is to set the variable and then instead of calling the NPM start script — try to call node index.js directly – Vincenzo Feb 25 '20 at 23:38
  • @Vincenzo no dice. I updated my question with results from your suggestion. – BeetleJuice Feb 27 '20 at 02:37
  • 1
    did you ever solve this problem? I am facing the same issue, even after setting the variable the logs show a warning but still, I get a bad gateway. – Ahmad Karim Oct 19 '20 at 16:39

0 Answers0