use multi wild-domains cert, got error #92
Comments
|
Which version of fetch-h2 is this, and do you have a certificate to share? This looks more like your CA is not trusted. Is it self-signed? Then you need to allow self-signed certificates. In either case, look here for the discussion: https://stackoverflow.com/questions/31673587/error-unable-to-verify-the-first-certificate-in-nodejs If you want to allow self-signed certs, do: before doing any |
|
san.js 31 / san.ts 50 |
|
Do you have a certificate I can test with? Doesn't look right, you can't have multiple names in subject.CN, you need to use SAN, so the error is correct. |
|
Our a server crt, CN="*.wanscloud.com,*.ajyun.com.cn,*.ajcloud.net" [Subject] san.ts line: 50 |
|
Is this a valid certificate, to have multiple comma-separated domains (wildcard or not) in the CN fields? I don't think you're allowed to. The CN (afaik) should only contain one domain, and the rest (including that in the CN) should be in the SAN. Also, if you have a SAN, the CN can be ignored, although fetch-h2 doesn't ignore it - it would be allowed to ignore it. Is this certificate created by a trusted well-known CA? Are browsers like Chrome and Firefox accepting it? |
|
YES |
|
CN contains one domain, I also see other certs. |
Will no longer care about subject CN in certificates, when a subjectaltname is present fix #92
|
🎉 This issue has been resolved in version 2.4.4 🎉 The release is available on: Your semantic-release bot 📦🚀 |
multi wild-domains cert, SAN: *.domain1.com, *.domain2.com
when use fetch-h2 access site (such as: www.domain2.com )
using multi wild-domains cert will got error:
Error: unable to verify the first certificate.
The text was updated successfully, but these errors were encountered: