Got: ignore ssl verification

Created on 10 Apr 2018  路  6Comments  路  Source: sindresorhus/got

Hello,

I'm using got since several months and I love it !
I'm facing an issue with an https request with an invalid SSL certificate.
If I use Postman or Curl I can ignore the SSL check, but I don't find a way to ignore with got library.

on chrome I recevied this : ERR_CERT_AUTHORITY_INVALID

Any ideas ?

Thanks in advance !

picture legrandjeremy

Most helpful comment

For others coming here in search of an answer: got('https://local.dev', { rejectUnauthorized: false });

ps:
got ships with Typescript definition files which are a nice way to explore modules' APIs.
In this case got() takes a second argument of type OptionsOfDefaultResponseBody, and if you drill down this type you will eventually rejectUnauthorized under node's https.RequestOptions type.

picture pyrho on 5 Feb 2020
👍51

All 6 comments

See: https://stackoverflow.com/questions/10888610/ignore-invalid-self-signed-ssl-certificate-in-node-js-with-https-request?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa

Got passes options to https.request.

sindresorhus picture sindresorhus on 10 Apr 2018
👍2

@sindresorhus Sorry for troubling, but there is conflicting information available on the interwebz. Node.js docs state that to be able to use the rejectUnauthorized option, you need to provide a custom Agent. Yet, some of the resources available say that it is unnecessary.

In relation to got, is the correct way to pass the rejectUnauthorized option directly to got, or should I pass an Agent configured with the rejectUnauthorized option?

Thank you.

mnmkng picture mnmkng on 11 Apr 2018

I don't know, sorry. Whatever is correct for Node.js, is correct for Got.

sindresorhus picture sindresorhus on 11 Apr 2018

For others coming here in search of an answer: got('https://local.dev', { rejectUnauthorized: false });

ps:
got ships with Typescript definition files which are a nice way to explore modules' APIs.
In this case got() takes a second argument of type OptionsOfDefaultResponseBody, and if you drill down this type you will eventually rejectUnauthorized under node's https.RequestOptions type.

pyrho picture pyrho on 5 Feb 2020
👍51

For others coming here in search of an answer: got('https://local.dev', { rejectUnauthorized: false });

wow, this should be top-level documented.

jgehrcke picture jgehrcke on 26 Apr 2020

Now it's actually:

got('https://local.dev', {https: { rejectUnauthorized: false }});
PierBover picture PierBover on 27 Aug 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

joolfe picture joolfe  路  3Comments
lukehorvat picture lukehorvat  路  3Comments
jamestalmage picture jamestalmage  路  3Comments
f-mer picture f-mer  路  4Comments
pvdlg picture pvdlg  路  3Comments