tomas
"rejectUnauthorized" works for get but not post
I'm using Needle to talk to an API, and need to use a self-signed cert. I can do "get" requests, setting rejectUnauthorized to false, and things work fine. However, when I do post requests, I still get a SELF_SIGNED_CERT_IN_CHAIN error. This is in NodeJS v10.14.2.
Get code (works):
return new Promise((resolve, reject) => {
needle.request('get', url, null, {
username,
password,
rejectUnauthorized: false,
requestCert: true,
agent: false,
strictSSL: false,
headers: {
Accept: 'application/json'
},
json: true
}, (error, response) => {
if (error) {
reject(error);
} else {
resolve(response);
}
});
});
Post code (gets error):
return new Promise((resolve, reject) => {
needle.request('post', url, issue, {
username,
password,
rejectUnauthorized: false,
requestCert: true,
agent: false,
strictSSL: false,
headers: {
Accept: 'application/json'
},
json: true
}, (error, response) => {
if (error) {
reject(error);
} else {
resolve(response);
}
});
});
Value of response is in the attached file. jira-issue-post.zip
Hi @emamid, I hadn't run into this before.
AFAIK we pass the options to Node's http module in the same way for both requests.
I'll take a look now and see what I find.
I just tested and the option is correctly set on both types of request. Are you sending your request to a https endpoint? Are there any redirects or proxies acting in the middle?
Thanks. In case I didn't mention it in the issue, I'm able to do POST operations using Postman when turning "SSL certificate verification" off in Settings, so I don't think it's an issue with this specific server API. (Atlassian Jira, if that matters).
On Wed, Apr 10, 2019 at 3:55 PM Tomás Pollak [email protected] wrote:
Hi @emamid https://github.com/emamid, I hadn't run into this before.
AFAIK we pass the options to Node's http module in the same way for both requests.
I'll take a look now and see what I find.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/tomas/needle/issues/276#issuecomment-481897924, or mute the thread https://github.com/notifications/unsubscribe-auth/AIHLXMU4t4swetqfp9QFTUZn117RgUTkks5vfmvugaJpZM4cl1-u .
I see. Thanks for the input. Are you sure there aren't any redirects or proxies in the middle?
I'll have to check that.
On Thu, Apr 11, 2019, 7:17 AM Tomás Pollak [email protected] wrote:
I see. Thanks for the input. Are you sure there aren't any redirects or proxies in the middle?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/tomas/needle/issues/276#issuecomment-482133402, or mute the thread https://github.com/notifications/unsubscribe-auth/AIHLXJOBqXoufrj1CI_zi45wbiHB8z2Aks5vf0QMgaJpZM4cl1-u .
I'm not able to tell yet about the proxy, though I am connecting via a VPN. However, even if there's a proxy, why would things work for get and not for post?
On Thu, Apr 11, 2019 at 11:16 AM David Emami [email protected] wrote:
I'll have to check that.
On Thu, Apr 11, 2019, 7:17 AM Tomás Pollak [email protected] wrote:
I see. Thanks for the input. Are you sure there aren't any redirects or proxies in the middle?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/tomas/needle/issues/276#issuecomment-482133402, or mute the thread https://github.com/notifications/unsubscribe-auth/AIHLXJOBqXoufrj1CI_zi45wbiHB8z2Aks5vf0QMgaJpZM4cl1-u .
Aha, so there is something in between. Would it be possible for you to try the request directly, without a VPN in between?
@emamid I realize it's been a while since your post, but did you ever get resolution on this issue? I am having the same problem, using Needle in a Kubernetes environment. GET requests work fine, but POST requests return "certificate has expired". I'm using rejectUnauthorized: false and self-signed certs.
