I'm running a very annoying error with https calls from server.
The error is Http failure response for (unknown url): 0 Unknown Error.
In my angular application I perform an https call, when it's executed on the browser everything is fine, but when this call it's executed on the server I get the error. This is the complete error:
HttpErrorResponse {
headers: HttpHeaders { normalizedNames: Map {}, lazyUpdate: null,
headers: Map {} },
status: 0,
statusText: 'Unknown Error',
url: null,
ok: false,
name: 'HttpErrorResponse',
message: 'Http failure response for (unknown url): 0 Unknown Error',
error:
ProgressEvent {
type: 'error',
target:
XMLHttpRequest {
onloadstart: null,
onprogress: null,
onabort: null,
onerror: null,
onload: null,
ontimeout: null,
onloadend: null,
_listeners: [Object],
onreadystatechange: null,
_anonymous: undefined,
readyState: 4,
response: null,
responseText: '',
responseType: 'json',
responseURL: '',
status: 0,
statusText: '',
timeout: 0,
upload: [Object],
_method: 'GET',
_url: [Object],
_sync: false,
_headers: [Object],
_loweredHeaders: [Object],
_mimeOverride: null,
_request: null,
_response: null,
_responseParts: null,
_responseHeaders: null,
_aborting: null,
_error: null,
_loadedBytes: 0,
_totalBytes: 0,
_lengthComputable: false },
currentTarget:
XMLHttpRequest {
onloadstart: null,
onprogress: null,
onabort: null,
onerror: null,
onload: null,
ontimeout: null,
onloadend: null,
_listeners: [Object],
onreadystatechange: null,
_anonymous: undefined,
readyState: 4,
response: null,
responseText: '',
responseType: 'json',
responseURL: '',
status: 0,
statusText: '',
timeout: 0,
upload: [Object],
_method: 'GET',
_url: [Object],
_sync: false,
_headers: [Object],
_loweredHeaders: [Object],
_mimeOverride: null,
_request: null,
_response: null,
_responseParts: null,
_responseHeaders: null,
_aborting: null,
_error: null,
_loadedBytes: 0,
_totalBytes: 0,
_lengthComputable: false },
lengthComputable: false,
loaded: 0,
total: 0 } }
The certificate of my server and the server I call are trusted and valid. This is my server code:
import 'reflect-metadata';
import 'zone.js/dist/zone-node';
import { renderModuleFactory } from '@angular/platform-server';
import { enableProdMode } from '@angular/core';
import * as express from 'express';
import { join } from 'path';
import { readFileSync } from 'fs';
import './global.imports';
import * as https from 'https';
enableProdMode();
const PORT = Number(process.env.PORT) || 4001;
const HOST_NAME = process.env.HOST;
const DIST_FOLDER = join(process.cwd(), 'dist');
const app = express();
const template = readFileSync(join(DIST_FOLDER, 'browser', 'index.html')).toString();
const {AppServerModuleNgFactory} = require('main.server');
app.engine('html', (_, options, callback) => {
const opts = {document: template, url: options.req.url};
renderModuleFactory(AppServerModuleNgFactory, opts)
.then(html => callback(null, html));
});
app.set('view engine', 'html');
app.set('views', 'src');
app.get('*.*', express.static(join(DIST_FOLDER, 'browser')));
app.get('*', (req, res) => {
res.render('index', {req});
});
const privateKey = readFileSync(`${DIST_FOLDER}/server/config/ssl/key.pem`, 'utf8');
const certificate = readFileSync(`${DIST_FOLDER}/server/config/ssl/cert.pem`, 'utf8');
const credentials = {key: privateKey, cert: certificate};
// your express configuration here
const httpsServer = https.createServer(credentials, app);
httpsServer.listen(PORT, HOST_NAME, () => {
console.log(`listening to https://${HOST_NAME}:${PORT}`);
});
This is an evident problem with https, because if I put this env variable before nom start everything works, NODE_TLS_REJECT_UNAUTHORIZED=0, but it is not the solution because in this way I disable security.
How can I resolve this problem?
答案 0 :(得分:0)
我也面临着一个非常相似的问题,并且苦苦挣扎了几个小时。应用process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'修复程序对我有用,但是,正如您所说,缺点是,通过将应用程序暴露于中间人攻击下,您的应用程序的安全性受到了损害。
进一步调查后,我意识到问题不在Angular。我在Node shell中运行了https.get('<my-api-url>'),得到了Uncaught Error: unable to verify the first certificate。事实证明,我仅使用叶证书而不是全链证书(叶+ CA捆绑包)配置了API服务器。与浏览器不同,Node显然需要全链证书进行验证。
在我的服务器上安装全链证书后,问题消失了,而无需更改应用程序代码库。