JCMais
unable to verify the first certificate (UNABLE_TO_VERIFY_LEAF_SIGNATURE)
I have an ftp-downloader created based on your examples here. It works well for my staging-environment, but not for the production. For the Production environment, I got this error:
Error: unable to verify the first certificate
at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
at TLSSocket.emit (node:events:390:28)
at TLSSocket._finishInit (node:_tls_wrap:944:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
If I browse with the browser to the given URL, the Certificate is valid and works. Is there a way to fix this? Maybe a flag to disable this tls-check (as it's a request to a server I know, and which is secure)?
Even with those flags it doesn't work:
handle.setOpt(Curl.option.URL, url);
handle.setOpt(Curl.option.VERBOSE, debug);
handle.setOpt(Curl.option.SSL_VERIFYHOST, 0);
handle.setOpt(Curl.option.SSL_VERIFYPEER, 0);
handle.setOpt(Curl.option.WILDCARDMATCH, true);
handle.setOpt(Curl.option.FNMATCH_FUNCTION, fnMatch);
handle.setOpt(Curl.option.CHUNK_BGN_FUNCTION, fileIsComing);
handle.setOpt(Curl.option.CHUNK_END_FUNCTION, filesIsDownloaded);
handle.setOpt(Curl.option.WRITEFUNCTION, (buff, nmemb, size) => {
Hey @xstable, sorry for the long delay to answer this. Is this still an issue?
SSL_VERIFYPEER is the option you want to set, so it is weird that it is not working.
I think it's still exists, if you didn't change anything in the code?! I created a workaround for my case, but as it's to far in the paste, I forget what it was. Maybe switching to an insecure protocol?! Don't know.
Facing the same issue @JCMais , unable to verify the first certificate
Sorry, to keep the maintainability of this project, I am closing old tickets. If the issue continues with the latest version of node-libcurl, please feel free to create a new ticket.