system-ca-win32
v1.0.0
Published
Get Windows System Root certificates
Downloads
4
Readme
win-ca
Get Windows System Root certificates for [Node.js][].
Rationale
In Node.js, HTTPS requests are validated against a built-in list of Certification Authorities.
Node uses a [statically compiled, manually updated, hardcoded list][node.pem] of certificate authorities, rather than relying on the system's trust store... [Read more][node/4175]
Accessing a website with a self-signed certificate, or accessing any website through a Proxy which
performs HTTPS decryption and inspection (almost any corporate environment) will result
in an SSL error: Error: self signed certificate in certificate chain
, and there is no easy way to ignore
this error whithout disabling SSL validation completely.
This package is intended to get Root CAs from Windows' store and make them available to [Node.js] https requests.
Usage
npm install --save system-ca-win32
.
const fetch = require("node-fetch");
const HttpsProxyAgent = require("https-proxy-agent"); // example when using an ssl-inspecting proxy
const ca = require('system-ca-win32');
const options = url.parse("http://10.10.10.132:8080");
options.ca = ca;
fetch("https://www.google.com", {
agent: new HttpsProxyAgent(options),
})
.then(body => {
return console.log("Done: ", body.status);
})
.catch(e => {
return console.error(e);
});
API
const ca = require('system-ca-win32');
ca
will contain an Agent-compatible list of Certification Authorities,
which can be directly assigned to options.ca
when constructing a new Agent.
Only a synchronous implementation is provided currently.
The default behavior is to cache the result of the first call, and always respond with a cached result.
You can call ca.clearCache()
to clear this cache.
Credits
Based on win-ca-ffi.
Uses node-forge and node-ffi.