Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID

3
votes

I am implementing node js script over https.

Node js

const options = {
  key: fs.readFileSync('private.key'),
  cert: fs.readFileSync('cert.crt'),    
  // This is necessary only if using the client certificate authentication.
  requestCert: true,
  rejectUnauthorized: true,

  // This is necessary only if the client uses the self-signed certificate.
  ca: [fs.readFileSync('client-cert.pem')]
};

On each request this is giving error:- ERR_CERT_AUTHORITY_INVALID

I have searched a lot but nothing found.

I use below command for generating client key:-

openssl req -x509 -newkey rsa:2048 -keyout client-key.pem -out client-cert.pem -days 365

I create .crt and private keys on server and using them.

What I am doing wrong here?

2
node.jsapacheexpresssslsocket.io
You are creating a self signed certificate and the client does not like it. You need instead to have a certificate from a CA recognized by the client, or explicitely add your self signed certificate as trusted on the client side. Or maybe the problem is on the server side, but your question is not clear enough and you are not showing the code that deals with the TLS handshake and the X.509 checks.Patrick Mevzek
client side code:- var socket = io.connect( 'https://'+window.location.hostname+':3000' , { path: "/beta/"}, {secure: true},{rejectUnauthorized: false}); socket.on( 'new_count_message', function( data ) { if(curkey == data.key) { $('#notif_audio')[0].play(); $( "#tbids" ).html( data.new_count_message ).css('color', '#a94442'); } });Deepak Dholiyan
@PatrickMevzek, can you please show me a link or code on this?Deepak Dholiyan
This may be a helpful tutorial using letsencrypt if you've never setup HTTPS before in Node: itnext.io/…Michael Tallino

2 Answers

-1
votes

--Firstly, Right-click on your computer’s time, then select the option that says "Adjust date/time". --"Sync now" under "Synchronize your clock", and click on it. so, your system syncing your computer clock. look at : https://kinsta.com/knowledgebase/neterr-cert-authority-invalid/

-2
votes

Click on the page setting and enable unsafe information the reaload the page.