主持人:localhost.不在cert的altnames中

Question

我在服务器端渲染时遇到错误.

RENDERING ERROR: { [Error: Network error: request to https://api-dev.xyz.io/graphql failed, reason: Hostname/IP doesn't match certificate's altnames: "Host: localhost. is not in the cert's altnames: DNS:*.xyz.io"]
  graphQLErrors: null,
  networkError: 
   { [FetchError: request to https://api-dev.xyz.io/graphql failed, reason: Hostname/IP doesn't match certificate's altnames: "Host: localhost. is not in the cert's altnames: DNS:*.xyz.io"]
     name: 'FetchError',
     message: 'request to https://api-dev.xyz.io/graphql failed, reason: Hostname/IP doesn\'t match certificate\'s altnames: "Host: localhost. is not in the cert\'s altnames: DNS:*.xyz.io"',
     type: 'system',
     errno: undefined,
     code: undefined },
  message: 'Network error: request to https://api-dev.xyz.io/graphql failed, reason: Hostname/IP doesn\'t match certificate\'s altnames: "Host: localhost. is not in the cert\'s altnames: DNS:*.xyz.io"',
  extraInfo: undefined }

注意: -我正在使用react,readux,apollo-client(GraphQL)和ExpressJS(NodeJS).我正在请求的API服务器在其他域上,我无法对其进行任何更改.

在使用客户端渲染时,我没有遇到任何困难,一切都按预期工作,但在服务器端渲染时,我遇到了上述错误.

所以我在我的服务器上尝试了以下方法,但仍然没有运气.

1. 添加自签名证书

2. 在https选项中添加'rejectUnauthorized':false.

   const options = {
     'key': key,
     'cert': cert,
     'ca': [ fs.readFileSync('local-certificate.pem') ],
     'rejectUnauthorized':false
   };
   
   https.createServer(options, app).listen(httpsPort, '0.0.0.0', function onStart(err) {
     if (err) { console.log(err); }
     console.info('==> Listening on httpsPort %s. Open up http://0.0.0.0:%s/ in your browser.', httpsPort, options);
   });
   

3. 此外,我尝试在我的自签名证书中添加altname,以帮助我如何使用OpenSSL生成带有SubjectAltName的自签名证书？

有没有办法绕过证书验证,以便我的快递服务器可以向具有有效证书的另一个域上的API服务器发出请求.

我仍然不确定我是否可以通过在我的快递服务器上进行任何更改来修复(在我的快速服务器上).

请告诉我对此的任何见解.

Answer 1

主机名是 NodeJS 下面的系统级设置。您需要有权访问运行 NodeJS 副本的机器/VM。