coolaj86/nodejs-self-signed-certificate-example
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

IP: 5.5.5.5 is not in the cert's list #1

New Issue
Open
opened 2021-07-27 15:36:28 +00:00 by Ghost · 3 comments
Ghost commented 2021-07-27 15:36:28 +00:00
Copy Link

Getting this error
Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: IP: 5.5.5.5 is not in the cert's list:

Added -addext "subjectAltName=IP:5.5.5.5" to openssl req in https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example/src/branch/master/make-root-ca-and-certificates.sh Still getting same error

Getting this error `Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: IP: 5.5.5.5 is not in the cert's list: ` Added `-addext "subjectAltName=IP:5.5.5.5"` to `openssl req` in https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example/src/branch/master/make-root-ca-and-certificates.sh Still getting same error
Ghost commented 2021-07-27 16:23:14 +00:00
Author
Copy Link

It worked. had to add the below in client nodejs code

checkServerIdentity: function (host, cert) {
  return undefined;
}
It worked. had to add the below in client nodejs code ``` checkServerIdentity: function (host, cert) { return undefined; } ```
coolaj86 commented 2021-07-27 19:10:19 +00:00
Owner
Copy Link

That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate.

You disabled SSL, essentially.

That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate. You disabled SSL, essentially.
Ghost commented 2021-07-28 16:52:58 +00:00
Author
Copy Link

That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate.

You disabled SSL, essentially.

So the below code almost disables SSL?

checkServerIdentity: function (host, cert) {
  return undefined;
}

Why do I get IP is not in the cert's list error although I did add -addext "subjectAltName=IP:5.5.5.5 ?

> That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate. > > You disabled SSL, essentially. So the below code almost disables SSL? ``` checkServerIdentity: function (host, cert) { return undefined; } ``` Why do I get IP is not in the cert's list error although I did add -`addext "subjectAltName=IP:5.5.5.5` ?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
coolaj86
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coolaj86/nodejs-self-signed-certificate-example#1
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?