search

nodeSolidServer / node-solid-server

Solid server on top of the file-system in NodeJS
https://solidproject.org/for-developers/pod-server
Other
1.78k stars 303 forks source link

xxx.localhost. is not in the cert's altnames: DNS:localhost #1384

Closed linonetwo closed 4 years ago

linonetwo commented 4 years ago

UnhandledPromiseRejectionWarning: FetchError: request to https://zhihucrawler.localhost:8443/profile/ failed, reason: Hostname/IP does not match certificate's altnames: Host: zhihucrawler.localhost. is not in the cert's altnames: DNS:localhost

I'm generating keys using mkcert localhost \"*.localhost\" 127.0.0.1

And start server using solid start --port 8443 --ssl-key ../keys/localhost+2-key.pem --ssl-cert ../keys/localhost+2.pem --webid --multiuser --data-browser-path $(pwd)/../node_modules/mashlib/dist/databrowser.html which successfully loaded the CA.

And I fetch using:

import data from '@solid/query-ldflex';

// Get full chain CA and local CA added by mkcert, so secure TLS can be established
const rootCAs = require('ssl-root-cas/latest').create();
rootCAs.addFile(process.env.MKCERT_PATH);
require('https').globalAgent.options.ca = rootCAs;

const me = data[`https://zhihucrawler.localhost:8443/profile/#me`];
showProfile(me);

async function showProfile(person: any) {
  const label = await person.label;
  console.log(`\nNAME: ${label}`);

  console.log('\nTYPES');
  for await (const type of person.type) console.log(`  - ${type}`);

  console.log('\nFRIENDS');
  for await (const name of person.friends.firstName) console.log(`  - ${name} is a friend`);
}

with MKCERT_PATH=\"$(mkcert -CAROOT)/rootCA.pem\" node ./dist/index.js

linonetwo commented 4 years ago

The reason is many browsers don't support second-level wildcards like "*.localhost" ⚠️

Use mkcert localhost zhihucrawler.localhost 127.0.0.1 instead of mkcert localhost *.localhost 127.0.0.1.