We have an Apollo Server which is calling an external API (which translates the REST API into GraphQL). Up until several days ago this worked fine, using cross-fetch to call the API.
On Friday we started getting the following error (below). I've done some searching and it seems to have to do with certificates (see Error: unable to verify the first certificate in nodejs for example). Following the answer to that question, I tried using https://www.npmjs.com/package/ssl-root-cas and putting
require('https').globalAgent.options.ca = require('ssl-root-cas/latest').create();
at the start of my code, but that didn't seem to work.
More importantly, I'm unclear what I'm doing. I have a general idea of what certificates are, how they work, but in this context I'm unclear why I'm having to provide a certificate to a public API that didn't want one a few days ago. In other words, while I want to solve it, I'd also to understand what is going on here as well.
{
"errors": [
{
"message": "request to https://www.someapi.com failed, reason: unable to verify the first certificate",
"locations": [],
"path": [
"someSearch"
],
"extensions": {
"code": "INTERNAL_SERVER_ERROR",
"exception": {
"message": "request to https://www.someapi.com failed, reason: unable to verify the first certificate",
"type": "system",
"errno": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
"code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
"stacktrace": [
"FetchError: request to https://www.someapi.com failed, reason: unable to verify the first certificate",
" at ClientRequest.<anonymous> (/Users/abc/Documents/projects/yaa-interface-new/node_modules/node-fetch/lib/index.js:1455:11)",
" at ClientRequest.emit (events.js:210:5)",
" at TLSSocket.socketErrorListener (_http_client.js:406:9)",
" at TLSSocket.emit (events.js:210:5)",
" at emitErrorNT (internal/streams/destroy.js:92:8)",
" at emitErrorAndCloseNT (internal/streams/destroy.js:60:3)",
" at processTicksAndRejections (internal/process/task_queues.js:80:21)"
]
}
}
}
],
"data": {
"someSearch": null
}
}
