SyntaxFix

[c] Openssl : error "self signed certificate in certificate chain"

When I used openssl APIs to validate server certificate (self signed), I got following error :

error 19 at 1 depth lookup:self signed certificate in certificate chain

As per openssl documentation, this error (19) is

"X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain - the certificate chain could be built up using the untrusted certificates but the root could not be found locally."

Why this error occurs ? Any problems with my server certificate ?

This question is related to c linux openssl ssl-certificate verify

The answer is

The solution for the error is to add this line at the top of the code:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

Here is one-liner to verify certificate chain:

openssl verify -verbose -x509_strict -CAfile ca.pem cert_chain.pem

This doesn't require to install CA anywhere.

See How does an SSL certificate chain bundle work? for details.

If you're running Charles and trying to build a container then you'll most likely get this error.

Make sure to disable Charles (macos) proxy under proxy -> macOS proxy

Charles is an

HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet.

So anything similar may cause the same issue.

Source: Stackoverflow.com

Examples related to c

conflicting types for 'outchar' Can't compile C program on a Mac after upgrade to Mojave Program to find largest and second largest number in array Prime numbers between 1 to 100 in C Programming Language In c, in bool, true == 1 and false == 0? How I can print to stderr in C? Visual Studio Code includePath "error: assignment to expression with array type error" when I assign a struct field (C) Compiling an application for use in highly radioactive environments How can you print multiple variables inside a string using printf?

Examples related to linux

grep's at sign caught as whitespace How to prevent Google Colab from disconnecting? "E: Unable to locate package python-pip" on Ubuntu 18.04 How to upgrade Python version to 3.7? Install Qt on Ubuntu Get first line of a shell command's output Cannot connect to the Docker daemon at unix:/var/run/docker.sock. Is the docker daemon running? Run bash command on jenkins pipeline How to uninstall an older PHP version from centOS7 How to update-alternatives to Python 3 without breaking apt?

Examples related to openssl

dyld: Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib How to install OpenSSL in windows 10? SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443 How to fix: fatal error: openssl/opensslv.h: No such file or directory in RedHat 7 Homebrew refusing to link OpenSSL Solving sslv3 alert handshake failure when trying to use a client certificate How to install latest version of openssl Mac OS X El Capitan How to resolve the "EVP_DecryptFInal_ex: bad decrypt" during file decryption SSL error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY)

Examples related to ssl-certificate

How to install OpenSSL in windows 10? Scraping: SSL: CERTIFICATE_VERIFY_FAILED error for http://en.wikipedia.org Not able to install Python packages [SSL: TLSV1_ALERT_PROTOCOL_VERSION] Letsencrypt add domain to existing certificate javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure bypass invalid SSL certificate in .net core How to add Certificate Authority file in CentOS 7 How to use a client certificate to authenticate and authorize in a Web API This certificate has an invalid issuer Apple Push Services iOS9 getting error “an SSL error has occurred and a secure connection to the server cannot be made”

Examples related to verify

Java verify void method calls n times with Mockito How to verify a method is called two times with mockito verify() Best way to check that element is not present using Selenium WebDriver with java Openssl : error "self signed certificate in certificate chain"

Tags

Source-control-bindings Graphicspath Dwm Intrinsics Telligent Non-greedy Dll-injection Metadata-repository Cider Proj4js Cache-control Nested-attributes Httpserver Unobtrusive-validation Movabletype Mindtouch Ubuntu-10.04 Polling Psycopg Rubber-band Call-flow Esent Renderer Playing-cards Addrange Pdf-writer Cusp Calibration Vps Phase Referer Directory-permissions Smtps Ice Sessionfactory Gamma R5rs Server-mode Mathjax Launcher Icustomtypedescriptor Operating-system Nshost Dispatchevent Tabular Non-static Tarantino Rdb Wcf-hosting Webmail Craigslist Testcaseattribute Net-reactor System.web.routing Cors Runonce Picturegallery Google-chrome-frame Resolveclienturl Chickenfoot Wordpress Building Boost-variant Mysite Console Hobby-os Cck Hosted-app Session-store Writeonly Simpletype Rhapsody Generator Code-analysis Apache-felix Custom-tags Pgi Authorize.net Varray Sprite Driveinfo Static-initialization Zend-validate Destructor Tree-search Depth Sprite-sheet Gruff Tortoisesvn Popup Tiers Components Tie Mpeg-2 Python-embedding Word Beagleboard Jvm Awt Coupling