如何忽略来自 http 请求节点的 SSL 错误
How to ignore SSL errors from http request node
我正在尝试使用 node-red 作为前端来与我正在构建的 REST API 交互。我的 API 使用 https,但在我的本地服务器上,证书没有完美设置,当我尝试使用 "http request" 节点时,出现错误:
UNABLE_TO_VERIFY_LEAF_SIGNATURE
有没有办法将 node-red 配置得不那么严格并允许 SSL 协议错误并继续处理 http 请求?是否有人创建了自己版本的 "http request" 节点,该版本比默认节点更宽松?
(在 Google Chome 浏览器中,我有一个绿色的挂锁,所以 SSL 几乎是正确的,node-red 非常挑剔)
至运行 node-red 我使用docker:
docker run -dp 1880:1880 -v ~/.node-red:/root/.node-red --name node-red cpswan/node-red
这是我的node-red项目源码:
[{"id":"e246fcb9.1db9","type":"inject","name":"Trigger user/me","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"x":200,"y":140,"z":"e7bac913.184538","wires":[["f9d78108.06288"]]},{"id":"96b8b92c.694748","type":"http request","name":"user/me","method":"GET","ret":"obj","url":"https://local.supertasker.com/api/user/me","x":711,"y":141,"z":"e7bac913.184538","wires":[["5150419b.aeafc"]]},{"id":"5150419b.aeafc","type":"debug","name":"","active":true,"console":"false","complete":"false","x":906,"y":140,"z":"e7bac913.184538","wires":[]},{"id":"f9d78108.06288","type":"function","name":"Add 'Accept:application/json' header","func":"\nmsg.headers = {\n 'Accept':'application/json'\n};\n\n// Return the message so it can be sent on\nreturn msg;","outputs":1,"valid":true,"x":464,"y":140,"z":"e7bac913.184538","wires":[["96b8b92c.694748"]]}]
目前,node-red 没有公开直接执行此操作的方法,但您可以设置 NODE_TLS_REJECT_UNAUTHORIZED 环境变量以在 node.js 级别禁用它:
例如:
NODE_TLS_REJECT_UNAUTHORIZED=0 node red.js
如果它对任何人有帮助,这里是您可以使用 Docker without HTTPS errors using the ENV var that @knolleary (NODE_TLS_REJECT_UNAUTHORIZED=0) 尝试 node-red 的方法:
在里面创建一个 Dockerfile:
FROM node:0.10
RUN npm install -g node-red
EXPOSE 1880
ENV NODE_TLS_REJECT_UNAUTHORIZED=0
CMD ["/usr/local/bin/node-red"]
构建它:
docker build -t="yourname/node-red" .
运行它:
docker run -dp 1880:1880 -v ~/.node-red:/root/.node-red --name node-red yourname/node-red
如果您需要 node-red 应用程序访问主机上的服务 运行,您可以将服务名称添加到引用 [=35] 的 node-red 容器的 /etc/hosts =]网关IP:
docker exec node-red sh -c "echo '172.17.42.1\tmy.local.service.com\n' >> /etc/hosts"
在此之后,节点-红色"http request"节点可以在url中使用my.local.service.com。
在 settings.js 文件中添加以下代码。 module.exports行前
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
如果要查找文件位置 运行 node-red,也会显示文件位置。
我在 ubuntu 20.04 LTS
上使用 snapd 安装了 node-red
如果有人在 ubuntu 上使用此工具遇到同样的问题,请查看:
/etc/systemd/system/snap.node-red.node-red.service
您会发现该应用程序正在使用 /etc/environment 文件来设置环境变量
更新
将EnvironmentFile=...更改为Environment="NODE_TLS_REJECT_UNAUTHORIZED=0"
之后,重新启动 systemd 和 snap.node-red 服务:
sudo systemctl daemon-reload && service snap.node-red.node-red restart
make sure the service is running by :
sudo service snap.node-red.node-red status
请求应该正常通过
我正在尝试使用 node-red 作为前端来与我正在构建的 REST API 交互。我的 API 使用 https,但在我的本地服务器上,证书没有完美设置,当我尝试使用 "http request" 节点时,出现错误:
UNABLE_TO_VERIFY_LEAF_SIGNATURE
有没有办法将 node-red 配置得不那么严格并允许 SSL 协议错误并继续处理 http 请求?是否有人创建了自己版本的 "http request" 节点,该版本比默认节点更宽松?
(在 Google Chome 浏览器中,我有一个绿色的挂锁,所以 SSL 几乎是正确的,node-red 非常挑剔)
至运行 node-red 我使用docker:
docker run -dp 1880:1880 -v ~/.node-red:/root/.node-red --name node-red cpswan/node-red
这是我的node-red项目源码:
[{"id":"e246fcb9.1db9","type":"inject","name":"Trigger user/me","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"x":200,"y":140,"z":"e7bac913.184538","wires":[["f9d78108.06288"]]},{"id":"96b8b92c.694748","type":"http request","name":"user/me","method":"GET","ret":"obj","url":"https://local.supertasker.com/api/user/me","x":711,"y":141,"z":"e7bac913.184538","wires":[["5150419b.aeafc"]]},{"id":"5150419b.aeafc","type":"debug","name":"","active":true,"console":"false","complete":"false","x":906,"y":140,"z":"e7bac913.184538","wires":[]},{"id":"f9d78108.06288","type":"function","name":"Add 'Accept:application/json' header","func":"\nmsg.headers = {\n 'Accept':'application/json'\n};\n\n// Return the message so it can be sent on\nreturn msg;","outputs":1,"valid":true,"x":464,"y":140,"z":"e7bac913.184538","wires":[["96b8b92c.694748"]]}]
目前,node-red 没有公开直接执行此操作的方法,但您可以设置 NODE_TLS_REJECT_UNAUTHORIZED 环境变量以在 node.js 级别禁用它:
例如:
NODE_TLS_REJECT_UNAUTHORIZED=0 node red.js
如果它对任何人有帮助,这里是您可以使用 Docker without HTTPS errors using the ENV var that @knolleary NODE_TLS_REJECT_UNAUTHORIZED=0) 尝试 node-red 的方法:
在里面创建一个 Dockerfile:
FROM node:0.10
RUN npm install -g node-red
EXPOSE 1880
ENV NODE_TLS_REJECT_UNAUTHORIZED=0
CMD ["/usr/local/bin/node-red"]
构建它:
docker build -t="yourname/node-red" .
运行它:
docker run -dp 1880:1880 -v ~/.node-red:/root/.node-red --name node-red yourname/node-red
如果您需要 node-red 应用程序访问主机上的服务 运行,您可以将服务名称添加到引用 [=35] 的 node-red 容器的 /etc/hosts =]网关IP:
docker exec node-red sh -c "echo '172.17.42.1\tmy.local.service.com\n' >> /etc/hosts"
在此之后,节点-红色"http request"节点可以在url中使用my.local.service.com。
在 settings.js 文件中添加以下代码。 module.exports行前
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
如果要查找文件位置 运行 node-red,也会显示文件位置。
我在 ubuntu 20.04 LTS
上使用 snapd 安装了 node-red如果有人在 ubuntu 上使用此工具遇到同样的问题,请查看:
/etc/systemd/system/snap.node-red.node-red.service
您会发现该应用程序正在使用 /etc/environment 文件来设置环境变量
更新
将EnvironmentFile=...更改为Environment="NODE_TLS_REJECT_UNAUTHORIZED=0"
之后,重新启动 systemd 和 snap.node-red 服务:
sudo systemctl daemon-reload && service snap.node-red.node-red restart
make sure the service is running by :
sudo service snap.node-red.node-red status
请求应该正常通过