[qgis-qwc2] Error 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY' for WMS url with https
Thomas Schüttenberg
thomas at qgis.de
Thu Nov 4 06:50:38 PDT 2021
Hi again!
It turned out, that I was not using the right (top most?) root certificate, so sorry for the noise.
BUT I also learned, that (because I am on windows?) I had to provide the root-ca.pem file via environment variable [1]: 'NODE_EXTRA_CA_CERTS=D:\path\to\root-ca.pem'
Something like 'npm config set cafile "D:\path\to\root-ca.pem"' obviously was not enough, it had no effect...
[1] https://nodejs.org/api/cli.html#node_extra_ca_certsfile
All the best
Thomas
> Thomas Schüttenberg <thomas at qgis.de> hat am 03.11.2021 11:18 geschrieben:
>
>
> Hi there!
>
> I'm currently struggling with compiling my https QGSI server into a new themes.json file ad I hope someone can give me a clue.
>
> First of all, everything seems set up correctly[1], compiling the qwc-demo-app application bundle works and also a themes.json is created.
>
> Now, my QGIS server for production (intranet), that I want to use in QWC, is configured to use ssl and does work e.g. in QGIS desktop. But when I put this wms url in themesConfig.json the compilation crashes with an error reading my WMS projectsettings:
>
> Error: unable to get local issuer certificate
> at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
> at TLSSocket.emit (node:events:390:28)
> at TLSSocket._finishInit (node:_tls_wrap:944:8)
> at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
> code: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY',
>
> I tried this with my own WMS as well as a qgiscloud https-url with the same result.
>
> Though I am not quite sure, if this is a QWC issue, or related to our corporate network or the node/yarn components, maybe some of you managed to use https-wms in themesConfig.json?
>
> Btw, none of the solutions found on the web like 'yarn config set cafile "C:\path\to\cert.pem"' or (not recommended ) 'npm config set strict-ssl=false' did work for me. Also not sure, if the wanted cert is the same I included in my web-server configuration.
>
> Thankful for any hint, cheers
> Thomas
>
> [1] https://github.com/qgis/qwc2-demo-app/blob/master/doc/QWC2_Documentation.md#quick-start
> _______________________________________________
> qgis-qwc2 mailing list
> qgis-qwc2 at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/qgis-qwc2
More information about the qgis-qwc2
mailing list