When I used openssl APIs to validate server certificate (self signed), I got following error :
error 19 at 1 depth lookup:self signed certificate in certificate chain
As per openssl documentation, this error (19) is
"X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain - the certificate chain could be built up using the untrusted certificates but the root could not be found locally."
Why this error occurs ? Any problems with my server certificate ?
This question is related to
c
linux
openssl
ssl-certificate
verify
The solution for the error is to add this line at the top of the code:
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
Here is one-liner to verify certificate chain:
openssl verify -verbose -x509_strict -CAfile ca.pem cert_chain.pem
This doesn't require to install CA anywhere.
See How does an SSL certificate chain bundle work? for details.
If you're running Charles and trying to build a docker container then you'll most likely get this error.
Make sure to disable Charles (macos) proxy under proxy -> macOS proxy
Charles is an
HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet.
So anything similar may cause the same issue.
Source: Stackoverflow.com