coolaj86
/
nodejs-self-signed-certificate-example
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

IP: 5.5.5.5 is not in the cert's list #1

New Issue
Open
opened 2021-07-27 15:36:28 +00:00 by Ghost · 3 comments
Ghost commented 2021-07-27 15:36:28 +00:00
Copy Link

Getting this error
Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: IP: 5.5.5.5 is not in the cert's list:

Added -addext "subjectAltName=IP:5.5.5.5" to openssl req in https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example/src/branch/master/make-root-ca-and-certificates.sh Still getting same error

Getting this error `Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: IP: 5.5.5.5 is not in the cert's list: ` Added `-addext "subjectAltName=IP:5.5.5.5"` to `openssl req` in https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example/src/branch/master/make-root-ca-and-certificates.sh Still getting same error
Ghost commented 2021-07-27 16:23:14 +00:00
Author
Copy Link

It worked. had to add the below in client nodejs code

checkServerIdentity: function (host, cert) {
  return undefined;
}
It worked. had to add the below in client nodejs code ``` checkServerIdentity: function (host, cert) { return undefined; } ```
coolaj86 commented 2021-07-27 19:10:19 +00:00
Owner
Copy Link

That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate.

You disabled SSL, essentially.

That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate. You disabled SSL, essentially.
Ghost commented 2021-07-28 16:52:58 +00:00
Author
Copy Link

That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate.

You disabled SSL, essentially.

So the below code almost disables SSL?

checkServerIdentity: function (host, cert) {
  return undefined;
}

Why do I get IP is not in the cert's list error although I did add -addext "subjectAltName=IP:5.5.5.5 ?

> That's not working. That's entirely crippling the security of your system, guaranteeing that an attacker can use any forged certificate. > > You disabled SSL, essentially. So the below code almost disables SSL? ``` checkServerIdentity: function (host, cert) { return undefined; } ``` Why do I get IP is not in the cert's list error although I did add -`addext "subjectAltName=IP:5.5.5.5` ?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
v1.1.2
v1.1.1
v1.1.0
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coolaj86/nodejs-self-signed-certificate-example#1
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?