How to ignore SSL certificate validation in node requests?

node.js axios node-fetch

61,449

Axios doesn't address that situation so far - you can try:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

BUT THAT'S A VERY BAD IDEA since it disables SSL across the whole node server.

Or, you can configure axios to use a custom agent and set rejectUnauthorized to false for that agent as mentioned here.

Example:

const https = require('https');
const axios = require('axios')
//or
// import https from 'https';
// import axios from 'axios';

// At instance level
const instance = axios.create({
  httpsAgent: new https.Agent({  
    rejectUnauthorized: false
  })
});

instance.get('https://something.com/foo');

// At request level
const agent = new https.Agent({  
  rejectUnauthorized: false
});

axios.get('https://something.com/foo', { httpsAgent: agent });

61,449

Dmitry Samoylov

Frontend programmer at Indiana Quality Solutions

Updated on November 12, 2021

Comments

Dmitry Samoylov over 2 years

I need to disable peer SSL validation for some of my https requests using node.js Right now I use node-fetch package which doesn't have that option, as far as I know.

That should be something like CURL's CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false

Does any networking package allow to do so? Is there a way to skip SSL validation in axios maybe?
user1513388 about 4 years

Hmm so I updated my code to include the instance example. I also added import * as https from 'https'; However, it can't find https
Juha Vehnia almost 4 years

If using standard node express use const https = require('https');
AKJ over 3 years

Jumping in here really late, but i tried adding the httpsAgent on a request level, but it did not seem to work at all.
iLuvLogix over 3 years

@AKJ You might want to open a new question with a minimum, verifiable example, maybe we are able to help.. ;)
Rohit Parte over 3 years

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; is must