@digitalattitude/system-ca-win32 v1.1.0-dtttd3-node9

win-ca

Get Windows System Root certificates for Node.js.

Rationale

In Node.js, HTTPS requests are validated against a built-in list of Certification Authorities.

Node uses a statically compiled, manually updated, hardcoded list of certificate authorities, rather than relying on the system's trust store... Read more

Accessing a website with a self-signed certificate, or accessing any website through a Proxy which performs HTTPS decryption and inspection (almost any corporate environment) will result in an SSL error: Error: self signed certificate in certificate chain, and there is no easy way to ignore this error whithout disabling SSL validation completely.

This package is intended to get Root CAs from Windows' store and make them available to Node.js https requests.

Usage

npm install --save system-ca-win32.

const fetch = require("node-fetch");
const HttpsProxyAgent = require("https-proxy-agent"); // example when using an ssl-inspecting proxy

const ca = require('system-ca-win32');

const options = url.parse("http://10.10.10.132:8080");
options.ca = ca;

fetch("https://www.google.com", {
  agent: new HttpsProxyAgent(options),
})
  .then(body => {
    return console.log("Done: ", body.status);
  })
  .catch(e => {
    return console.error(e);
  });

API

const ca = require('system-ca-win32');

ca will contain an Agent-compatible list of Certification Authorities, which can be directly assigned to options.ca when constructing a new Agent.

Only a synchronous implementation is provided currently. The default behavior is to cache the result of the first call, and always respond with a cached result. You can call ca.clearCache() to clear this cache.

Credits

Based on win-ca-ffi.

Uses node-forge and node-ffi.