`insomnia` request results in "Error: SSL peer..." | while copied `curl` (from insomnia) works

[ghost]

Describe the bug Get the following error:

    "Error: SSL peer certificate or SSH remote key was not OK"

When making a request using insomnia while making the same request using curl works (the curl command was copied from insomnia)

To Reproduce Steps to reproduce the behavior:

1. setup a get request in insomnia
2. send the request
3. returns an error "Error: SSL peer certificate or SSH remote key was not OK"
4. right click on the request name (in the navigation panel)
5. select "Copy as Curl"
6. paste the curl command into the terminal and press enter
7. observe the curl command succeeds as expected

Expected behavior Insomnia should be able to make the request as the curl command in the terminal

Screenshots (can't due to sensitive data)

Desktop (please complete the following information):

• OS: macOS 10.15.5
• Installation Method: directly from insomnia.rest
• App Version Version 2020.2.2 (2020.2.2)

Additional context All other requests work as expected except to one service (specific internal at work) The Exact same request worked fine in the previous version of insomnia (can't remember the version number)

[bmhatfield]

Having this same problem. According to the log, Insomnia is no longer correctly using my system trusted roots:

* Preparing request to https://localhost:8080/graphql
* Using libcurl/7.69.1 OpenSSL/1.1.1g zlib/1.2.11 brotli/1.0.7 libidn2/2.1.1 libssh2/1.9.0 nghttp2/1.40.0
* Current time is 2020-06-26T01:02:18.443Z
* Disable timeout
* Enable automatic URL encoding
* Enable SSL validation
* Enable cookie sending with jar of 0 cookies
* Hostname in DNS cache was stale, zapped
*   Trying ::1:8080...
* Connection failed
* connect to ::1 port 8080 failed: Connection refused
*   Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#4)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
*   CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 4

This previously worked totally fine; not sure if it's that validation was added or insomnia support for keychain roots was broken in a recent version on OSX.

[bmhatfield]

Related: https://github.com/Kong/insomnia/issues/2255

[designed4device]

We're having same problem with a cert issued by internal issuer/authority. Downgrading to 7.1.1 fixed it. Both root and issuer certificate are trusted in macOS keychain.

[austin1howard]

It's broken between 7.1.1 and 2020.2.0 ... presumably by #2223 but I haven't had time to dig in and see what exactly caused the breakage.

[austin1howard]

FYI: Still broken in 2020.3.3

[targetdrone]

Still broken in 2020.4.1

[jjr52]

I had this issue when using a new certificate from Let's Encrypt. I solved it by regenerating a proper certificate chain by using this very useful website: https://whatsmychaincert.com/

[willemdh]

Just had this issue too. Yesterday it worked and today I get "Error: SSL peer certificate or SSH remote key was not OK" 2020.5.1

[MarcosReis16]

I solved this by disabling certification validations in Insomnia Preferences. Just uncheck the Validate certificates option under Request / Response. I'm using version v2021.1.1

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[iandunn]

Still an active problem.

[BSchuhmacher]

Still a problem. As a workaround MarcosReis16 hint helped.

[rildomar]

i'm suggesting for you, follow this stepts:

if you using insomnia, go to Preferences -> General -> Response/Request. So, you can uncheck the box (like the image i uploaded).

[iandunn]

I wouldn't do that if you use authenticate on any endpoints (or might in the future); that's a huge security risk.

[jarchercritigen]

Also having this issue. Identical sites in test and prod yield different results. Test works fine, but prod generates this error. Would like to see this fixed.

[agencia3w]

i'm suggesting for you, follow this stepts:

if you using insomnia, go to Preferences -> General -> Response/Request. So, you can uncheck the box (like the image i uploaded).

It worked for me

[SergioSuarezDev]

having the same issue with a valid certificate...

[JonahBranch]

I'm having this issue as well with a newly generated cert

[SenaJp]

i'm suggesting for you, follow this stepts:

if you using insomnia, go to Preferences -> General -> Response/Request. So, you can uncheck the box (like the image i uploaded).

Its work for me!

[Marc477]

Why is everyone telling to disable Validate Certificates?

This is not fixing the problem, this is ignoring the problem. Why is it doing this in the first place?

I have a site behind nodejs proxy with a certificate that works everywhere except in Insomnia. Why it's not working there? There may be an issue in my cert setup or it may be insomnia that don't know how to validate certificates, how can i know which one it is?

This issue happens when using this in NodeJS, tls.createSecureContext(ssl_cert);

but it doesn't happen with if i create a regular https server, and the validation only fails in Insomnia not anywhere else (browser is fine).

Could it be the cypher? The TLS version? SSL engine? There is something wrong somewhere that i need figure out.

[yosiasz]

I am not seeing these settings in Preferences

[meierhoeferjannis]

@yosiasz You need to scroll down in General. There you will find the Settings for Request/Response

[bprimrose]

Is a fix for this coming? Nov 2023, and disabling security is an awful workaround.