Node - Unable to Verify the First Certificate / UNABLE_TO_VERIFY_LEAF_SIGNATURE localhost

Question

I have an ASP.NET Core 3.1 web app that I run on my local development machine. This app successfully runs. I can also successfully execute requests to it via Postman. I'm trying to run a test from a Node.js app. This app is using Axios to try to load one of the web pages. The request looks like this:

const result = await axios.get('https://localhost:5001/');

When this request runs, I receive the following error:

Error: unable to verify the first certificate
...
code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
...

The fact that I can a) load the url in my browser and b) run the request from Postman leads me to believe there is a config issue with my Node app. I don't know if it's an issue with a) my axios request or b) some app configuration. Oddly, I receive the same error if I try to execute my request against http://localhost:5000/ (i.e. not over HTTPS).

I'm unsure how to resolve this issue though. How do I execute a request via Axios against a web app running on localhost?

Answer 1

You'll need to tell axios/node what signing authorities to trust (your browser and postman will already have several of those set up)

You do that by configuring the https agent in axios - have a look at this answer for an example : How to configure axios to use SSL certificate?

And here are instructions on how to get the bundle from the browser (you'll probably need to use a p7b/pfx or get all certs in the chain): https://medium.com/@menakajain/export-download-ssl-certificate-from-server-site-url-bcfc41ea46a2

Answer 2

Simple but possibly insecure solution is to set NODE_TLS_REJECT_UNAUTHORIZED=0 variable before calling node.