问题
I need to disable peer SSL validation for some of my https requests using node.js
Right now I use node-fetch package which doesn't have that option, as far as I know.
That should be something like CURL's CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false
Does any networking package allow to do so? Is there a way to skip SSL validation in axios maybe?
回答1:
Axios doesn't address that situation so far - you can try:
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
BUT THATS A VERY BAD IDEA since it disables SSL across the whole node server..
or you can configure axios to use a custom agent and set rejectUnauthorized to false for that agent as mentioned here
example:
// At instance level
const instance = axios.create({
httpsAgent: new https.Agent({
rejectUnauthorized: false
})
});
instance.get('https://something.com/foo');
// At request level
const agent = new https.Agent({
rejectUnauthorized: false
});
axios.get('https://something.com/foo', { httpsAgent: agent });
来源:https://stackoverflow.com/questions/54903199/how-to-ignore-ssl-certificate-validation-in-node-requests