Troubleshooting

Error: unable to verify the first certificate

When making request from a server (e.g. Node.js) to .local domain over https, the server may not have access to the LocalCan’s Root Certificates which is trusted on macOS, or doesn’t accept self-signed certificates.

For example Node.js (and so, other JS server frameworks) only take into account CAs from Mozilla CA store as supplied by the current Node.js version.

Solution:

There are 2 options (choose one):

  1. Add RootCA.pem to trusted CA list in your framework, so it can verify server certificate.

    In Node.js set NODE_EXTRA_CA_CERTS environment variable to point to RootCA.pem

    This could be done in couple ways, for example by editing package.json dev script, so every time you run npm run dev this variable will be set.

    package.json
    ...
"scripts": {
	"dev": "NODE_EXTRA_CA_CERTS=/path/RootCa.pem node app.js"
},
...

  2. Disable certificate validity checks when making requests.

    In Node.js there is a flag you can set to false rejectUnauthorized: false

Note that you should only make above changes in your development environment, not in production.

© 2024 LocalCan™. All rights reserved.