[我们有一个Apollo服务器正在调用外部API(它将REST API转换为GraphQL)。直到几天前,使用cross-fetch
调用API都可以正常工作。
[星期五,我们开始收到以下错误(如下)。我已经进行了一些搜索,它似乎与证书有关(例如,请参见Error: unable to verify the first certificate in nodejs)。按照该问题的答案,我尝试使用https://www.npmjs.com/package/ssl-root-cas
并放入
require('https').globalAgent.options.ca = require('ssl-root-cas/latest').create();
在我的代码开头,但这似乎没有用。
更重要的是,我不清楚自己在做什么。我对什么是证书,它们如何工作有一个[[general的想法,但是在这种情况下,我不清楚为什么我必须向几天前不想要的公共API提供证书。我非常感谢您提供解决方案的帮助,但更重要的是,如果有人在这里发生了什么,也就是说,可能是导致问题的原因以及解决方案如何解决它。
谢谢!{
"errors": [
{
"message": "request to https://www.someapi.com failed, reason: unable to verify the first certificate",
"locations": [],
"path": [
"someSearch"
],
"extensions": {
"code": "INTERNAL_SERVER_ERROR",
"exception": {
"message": "request to https://www.someapi.com failed, reason: unable to verify the first certificate",
"type": "system",
"errno": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
"code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
"stacktrace": [
"FetchError: request to https://www.someapi.com failed, reason: unable to verify the first certificate",
" at ClientRequest.<anonymous> (/Users/abc/Documents/projects/yaa-interface-new/node_modules/node-fetch/lib/index.js:1455:11)",
" at ClientRequest.emit (events.js:210:5)",
" at TLSSocket.socketErrorListener (_http_client.js:406:9)",
" at TLSSocket.emit (events.js:210:5)",
" at emitErrorNT (internal/streams/destroy.js:92:8)",
" at emitErrorAndCloseNT (internal/streams/destroy.js:60:3)",
" at processTicksAndRejections (internal/process/task_queues.js:80:21)"
]
}
}
}
],
"data": {
"someSearch": null
}
}
[首先,我从此处的第4个答案得到启发,下载了链式PEM证书:Unable to verify leaf signature。
然后我使用NODE_EXTRA_CA_CERTS,指向下载的PEM文件。
NODE_EXTRA_CA_CERTS='./something-chain.pem' node index.js
效果很好。