node-samples icon indicating copy to clipboard operation
node-samples copied to clipboard
verified publisher icon googleworkspace

Sheets Quickstart Error - self signed certificate in certificate chain

Open MSherry24 opened this issue 6 years ago • 4 comments

Expected Behavior

I should be able to run the Sheets API Node.js quickstart and authorize my google account to access the API https://developers.google.com/sheets/api/quickstart/nodejs

Actual Behavior

I am unable to authorize my account due to a self signed certificate found in my certificate chain.

Steps to Reproduce the Problem

  1. Complete steps 1 and 2 of the quickstart guide.
  2. Copy and run the provided script in the quickstart guide.
  3. Follow the generated link to login to my google account.
  4. Copy the authorization code and paste it into the terminal.
  5. The following error is displayed in the terminal:

Error while trying to retrieve access token { FetchError: request to https://oauth2.googleapis.com/token failed, reason: self signed certificate in certificate chain at ClientRequest. (C:\xampp\htdocs\SoxFX\SoxFXExpress\node_modules\node-fetch\lib\index.js:1453:11) at ClientRequest.emit (events.js:197:13) at TLSSocket.socketErrorListener (_http_client.js:399:9) at TLSSocket.emit (events.js:197:13) at emitErrorNT (internal/streams/destroy.js:82:8) at emitErrorAndCloseNT (internal/streams/destroy.js:50:3) at processTicksAndRejections (internal/process/next_tick.js:76:17) message: 'request to https://oauth2.googleapis.com/token failed, reason: self signed certificate in certificate chain', type: 'system', errno: 'SELF_SIGNED_CERT_IN_CHAIN', code: 'SELF_SIGNED_CERT_IN_CHAIN', config: { method: 'POST', url: 'https://oauth2.googleapis.com/token', data: 'code=[]&client_id=[]&redirect_uri=[]&grant_type=authorization_code&code_verifier=', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'User-Agent': 'google-api-nodejs-client/3.1.2', Accept: 'application/json' }, params: [Object: null prototype] {}, paramsSerializer: [Function: paramsSerializer], body: 'code=[]&client_id=[]&client_secret=[]&redirect_uri=[***]&grant_type=authorization_code&code_verifier=', validateStatus: [Function: validateStatus], responseType: 'json' } }

Specifications

  • Node version (node -v): v11.9.0
  • OS (Mac/Linux/Windows): Windows 10

MSherry24 avatar May 13 '19 15:05 MSherry24

Are you on a network behind a firewall/proxy? Have you tried running the same code on a different/open network?

sqrrrl avatar May 16 '19 16:05 sqrrrl

Yes, I am behind a corporate firewall, but I've run the same code on a different machine on the same network and it works fine. It clearly has something to do with my local machine settings rather than the code hosted here. The weird part is that I don't see any self-signed certificates on my machine.

MSherry24 avatar May 16 '19 16:05 MSherry24

The self-signed cert is likely coming in the response from the proxy/firewall. Maybe a different policy for that machine or you're not authenticated on the network in the same way?

sqrrrl avatar May 16 '19 16:05 sqrrrl

You can also test with a simpler script that just uses built-in node functions.

const https = require('https');

let options = {
  hostname: 'oauth2.googleapis.com',
  port: 443,
  path: '/token',
  method: 'POST'
};

let req = https.request(options, (resp) => {
  resp.on('data', (chunk) => console.log(chunk.toString()));
  resp.on('end', () => console.log('End'));
  resp.on('error', (err) => console.log(err));
});

req.end();

sqrrrl avatar May 16 '19 16:05 sqrrrl