My production node app on Heroku randomly started throwing the following error:
Error: certificate has expired
at Error (native)
at TLSSocket.<anonymous> (_tls_wrap.js:1060:38)
at emitNone (events.js:86:13)
at TLSSocket.emit (events.js:185:7)
at TLSSocket._finishInit (_tls_wrap.js:584:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:416:38)
error: Forever detected script exited with code: 1
error: Script restart attempt #1
Creating a pool connected to blah.thing.com:port
Running migrations for database 'app_name'...
events.js:160
throw er; // Unhandled 'error' event
^
I'm confused by two things. My certificate is up to date, so I don't know why it's saying it's expired, and second, the only two files called "events.js" in my app directory are in two seemingly irrelevant node modules (inquirer and twilio) and don't even have a line 160. What might be the cause of this and how should I even debug it?
edit: In addition, it's just the production app (of course), not staging or local, which is odd because staging and production both point to the same certificate.
I had similar error in my project
Error: certificate has expired
at TLSSocket.<anonymous> (_tls_wrap.js:1116:38)
at emitNone (events.js:106:13)
at TLSSocket.emit (events.js:208:7)
at TLSSocket._finishInit (_tls_wrap.js:643:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:473:38)
at TLSSocket.<anonymous> (_tls_wrap.js:1116:38)
at emitNone (events.js:106:13)
at TLSSocket.emit (events.js:208:7)
at TLSSocket._finishInit (_tls_wrap.js:643:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:473:38)
it turned out that the problem was in the external service that was used for tracking user events (Amplitude). Their Sectigo's legacy AddTrust External CA Root certificate had expired which impacted many companies across the internet. To resolve that issue they had upgraded their package with the new endpoint and a new certificate.
So if someone encounters similar issue, first think of all possible external services that are used within the app.
I had the same problem, for me a remote "playground" server got expired certificate. (a server to which node was trying to connect through a web-socket)
Related
I am trying to create a serverless project. But it gives an error when giving the serverless command on the cmd. Please help me to solve this.
first I installed the serverless with 'npm install -g serverless' command. Then I gave 'serverless' command. So following error was displayed on the cmd.
C:\Geethma\myFiles\serverlessTutorial>serverless
Creating a new serverless project
? What do you want to make? AWS - Node.js - Starter
? What do you want to call this project? aws-node-project
Environment: win32, node 16.15.0, framework 3.18.2, plugin 6.2.2, SDK 4.3.2
Docs: docs.serverless.com
Support: forum.serverless.com
Bugs: github.com/serverless/serverless/issues
Error:
RequestError: self signed certificate in certificate chain
at ClientRequest.<anonymous> (C:\Users\geethma.rathnayake\AppData\Roaming\npm\node_modules\serverless\node_modules\got\dist\source\core\index.js:962:111)
at Object.onceWrapper (node:events:642:26)
at ClientRequest.emit (node:events:539:35)
at ClientRequest.emit (node:domain:475:12)
at ClientRequest.origin.emit (C:\Users\geethma.rathnayake\AppData\Roaming\npm\node_modules\serverless\node_modules\#szmarczak\http-timer\dist\source\index.js:43:20)
at TLSSocket.socketErrorListener (node:_http_client:454:9)
at TLSSocket.emit (node:events:527:28)
at TLSSocket.emit (node:domain:475:12)
at emitErrorNT (node:internal/streams/destroy:157:8)
at emitErrorCloseNT (node:internal/streams/destroy:122:3)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
at TLSSocket.onConnectSecure (node:_tls_wrap:1532:34)
at TLSSocket.emit (node:events:527:28)
at TLSSocket.emit (node:domain:475:12)
at TLSSocket._finishInit (node:_tls_wrap:946:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:727:12)
If you're using a machine provided by an employer, they may have installed self-signed SSL certificates in order to connect to internal systems or run fleet management software.
You can override strict checking in Node by either prepending the command with NODE_TLS_REJECT_UNAUTHORIZED=0 serverless, or permanently with npm config set strict-ssl false.
I had checked with Aaron's answer, but it didn't work for my case.
Issue on my side was with my company's VPN, as it was blocking sending/receiving the data. I went with the below steps that solved my issue.
Solution
Try disabling the VPN.
Run the command again.
Verify if it works.
Also make sure that your IAM user has necessary privileges to perform this by attaching necessary policy in the AWS's IAM User page.
I'm trying to setup a Node.js Websocket server over at my webhost (Namecheap). However, I am getting this error:
events.js:292
throw er; // Unhandled 'error' event
^
Error: Unexpected server response: 301
at ClientRequest.<anonymous> (D:\****\node_modules\ws\lib\websocket.js:576:7)
at ClientRequest.emit (events.js:315:20)
at HTTPParser.parserOnIncomingClient [as onIncoming] (_http_client.js:596:27)
at HTTPParser.parserOnHeadersComplete (_http_common.js:119:17)
at TLSSocket.socketOnData (_http_client.js:469:22)
at TLSSocket.emit (events.js:315:20)
at addChunk (_stream_readable.js:295:12)
at readableAddChunk (_stream_readable.js:271:9)
at TLSSocket.Readable.push (_stream_readable.js:212:10)
at TLSWrap.onStreamRead (internal/stream_base_commons.js:186:23)
Emitted 'error' event on WebSocket instance at:
at abortHandshake (D:\****\node_modules\ws\lib\websocket.js:694:15)
at ClientRequest.<anonymous> (D:\****\node_modules\ws\lib\websocket.js:576:7)
[... lines matching original stack trace ...]
at TLSSocket.Readable.push (_stream_readable.js:212:10)
The code for the client and server came from here:
https://github.com/websockets/ws#Simple server
https://github.com/websockets/ws#sending-and-receiving-text-data
with ws://www.host.com/path changed to ws://<mydomainname>/<dir1>/<dir2>
Both client and server code runs properly when run locally. Http related code runs properly when used on my webhost. I am trying to get the client code to run locally and connect via websockets to my server hosted at Namecheap.
I suspect something related to the server is preventing connection. I'd ask support but I doubt if they can resolve this. Maybe there's a locked feature or something? Is there something else I could have missed?
Websockets cannot work on Namecheap's hosted servers. Their incoming ports are blocked and cannot be opened for security reasons per their customer's support.
If anyone is looking for a solution just in case, try out a Heroku free account.
when i call a POST endpoint from npm request module in my nodejs app (hosted on elasticbeanstalk aws). it gives me CERT_HAS_EXPIRED error, however my ssl certificate is valid and works perfectly when someone visit our site.
this started happening randomly 3 days earlier.
does anyone know what can be done? to fix it?
{ Error: certificate has expired
at TLSSocket.<anonymous> (_tls_wrap.js:1088:38)
at emitNone (events.js:86:13)
at TLSSocket.emit (events.js:188:7)
at TLSSocket._finishInit (_tls_wrap.js:610:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:440:38) code: 'CERT_HAS_EXPIRED' }
So #Salahi's comment was correct, support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l00000117LT
it wasn't a problem on our end, but one of the root certificates expired for the services we were trying to access, and therefore were receiving this error.
I've been working on this issue on and off for a few months now I am a point where I need this to work. I have solved this issue with git but not nodejs. An Internal url we have is using a Self-Signed cert because its internal use only. I need to use node to communicate with the url. I've tried to set NODE_EXTRA_CA_CERTS many times with nothing working. One way was suggected to set the environemnt value this way
[Environment]::SetEnvironmentVariable("NODE_EXTRA_CA_CERTS", "C:\Temp\NodeCertFix\selfSignedCert.cer", "Machine") I have confirmed that the cert is a base64 cert, same as a .pem in Linux. No Matter what i do i can't get it to work.
events.js:180
throw er; // Unhandled 'error' event
^
Error: unable to get local issuer certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1317:34)
at TLSSocket.emit (events.js:203:13)
at TLSSocket._finishInit (_tls_wrap.js:792:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:606:12) Emitted 'error' event at:
at TLSSocket.socketErrorListener (_http_client.js:399:9)
at TLSSocket.emit (events.js:203:13)
at emitErrorNT (internal/streams/destroy.js:91:8)
at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)
at processTicksAndRejections (internal/process/task_queues.js:77:11) { code:
'UNABLE_TO_GET_ISSUER_CERT_LOCALLY' }
Did you try the nodejs-self-signed-certificate-example package from npm?
I am trying scrape a site and I'm using both npm modules tinyreq/cheerio as noted on this blog post
The site I am trying to scrape uses TLS I run into the following error below:
Error: self signed certificate in certificate chain
at Error (native)
at TLSSocket.<anonymous> (_tls_wrap.js:1092:38)
at emitNone (events.js:86:13)
at TLSSocket.emit (events.js:185:7)
at TLSSocket._finishInit (_tls_wrap.js:610:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:440:38) code: 'SELF_SIGNED_CERT_IN_CHAIN'
Is there a way I can bypass this in node? Or would I have to include the actual cert within the script?