Open nagyszabi opened 2 months ago
Small update. It worked on one project, but it did not in one using Angular.
It gives the following error:
npm ERR! code UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! errno UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! request to https://registry.npmjs.org/webpack-dev-middleware/-/webpack-dev-middleware-5.3.4.tgz failed, reason: unable to verify the first certificate
But the other fix from the forum did not work on this project as well:
npm --use-openssl-ca i
I've tried restarting my editor and Windows as well, but it did not have any effect.
For me to get this to work, i actually had to specify the output format (PEM) as well. Otherwise the .cer-file would still contain an PKCS7 format certificate:
openssl pkcs7 -inform DER -in exported.p7b -outform PEM -out converted.cer
Thank you both for saving the rest of my sunday stolen by eset.
That's it, I needed -outform PEM
as well!
Now both of the projects work, thank you!
I was so happy when I saw this fix but it still didn't help me 😢 .
Do you guys also have private git repo as a dependency? Like this example:
"ratrakcn-ui": "https://github.com/kobe-ra/ratrakcn-ui.git",
"svelte-sonner": "^0.3.17",
If I remove the private repo it works, but not with it.
openssl pkcs7 -inform DER -in exported.p7b -outform PEM -out converted.cer
I had to add -print_certs from the original command, so the whole command looked like:
openssl pkcs7 -print_certs -inform DER -in exported.p7b -outform PEM -out converted.cer
As the ESET SSL Filter CA certificate is unique for each device a Powershell script might be handy:
$cert = Get-ChildItem -Path Cert:\LocalMachine\Root | Where { $_.Subject -like "*CN=ESET SSL Filter CA" }
Export-Certificate -Cert $cert -FilePath C:\Temp\ESET-SSL-Filter-CA.cer
&certutil -f -encode C:\Temp\ESET-SSL-Filter-CA.cer C:\Temp\ESET-SSL-Filter-CA.pem
Thank you @nagyszabi, @ferdiusa, and @rstefko! I've updated the readme with your feedback!
For people that are looking for the complete PowerShell script please see below. This would be helpful if you have an endpoint management solution and you want to deploy the fix automatically on all your assets affected.
$FolderPath= "C:\temp\certs" $cert = Get-ChildItem -Path Cert:\LocalMachine\Root | Where { $_.Subject -like "*CN=ESET SSL Filter CA" }
If(!(Test-Path -Path $FolderPath)) {
New-Item -ItemType Directory -Path $FolderPath
}
Export-Certificate -Cert $cert -FilePath $FolderPath\ESET-SSL-Filter-CA.cer certutil -f -encode $FolderPath\ESET-SSL-Filter-CA.cer $FolderPath\ESET-SSL-Filter-CA.pem
Hello there!
I really appreciate the fix you provided, it worked great (also worked on win 11)!
But since I don't use openssl that often, I would suggest some very minor improvements:
print_certs
is not required~ turns out it is, check comments belowAlso, I would add another note, that if someone (like I did) encounters the following error when converting:
They should add
-inform der
to specify the format. Source for the fixOne more thing, would be to specify that the
/m
parameter in the last command is for adding the env var toHKEY_LOCAL_MACHINE
, jus for transparency. This action also needs admin privileges.