Bypass Self Signed certificates in HTTP Request module

7,589 views
Skip to first unread message

Juan Sancho

unread,
Jun 2, 2015, 12:41:21 PM6/2/15
to node...@googlegroups.com
This is the way to bypass self signed certificates when requesting an 'https://..." resource using the "HTTP Request node":

$ vim /usr/lib/node_modules/node-red/nodes/core/io/21-httpin.js
            [...]
            var opts = urllib.parse(url);
            opts.rejectUnauthorized = false;
            [...]

Does anyone know another way of doing it? If not, could this be offered as an option in the dialog box of the corresponding node?

Nicholas O'Leary

unread,
Jun 2, 2015, 2:51:56 PM6/2/15
to Node-RED Mailing LIst
Hi Juan,

you can do this by running with the NODE_TLS_REJECT_UNAUTHORIZED  environment variable set - http://stackoverflow.com/a/21961005/2117239

Nick

--
http://nodered.org
---
You received this message because you are subscribed to the Google Groups "Node-RED" group.
To unsubscribe from this group and stop receiving emails from it, send an email to node-red+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Juan Sancho

unread,
Jun 4, 2015, 12:16:32 PM6/4/15
to node...@googlegroups.com
Hi Nicholas,

The most voted answer says:

Add
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
in code, before calling https.request()


Where do I have to set that variable? In the HTTP Node? In the Operating System? In a function node?

Nicholas O'Leary

unread,
Jun 4, 2015, 12:23:15 PM6/4/15
to Node-RED Mailing LIst
As I said, set it as an environment variable.

On linux:

export NODE_TLS_REJECT_UNAUTHORIZED="0"
node red.js  // or however you run node-red


Alternatively, add:
  process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

in your settings.js file.

Nick


Juan Sancho

unread,
Jun 8, 2015, 3:59:38 AM6/8/15
to node...@googlegroups.com
Thanks Nick, worked like a charm
Reply all
Reply to author
Forward
0 new messages