How could I get around the self-signed certificate error?

Answered

American Curl posted this in #help-forum

American CurlOP

2024-10-31T02:52:24.993Z

Hi, I switched to connect to the backend server which has a self-signed certificate. Then the Error: self-signed certificate error occurred. How could I get around it? This is how I configured to use it in next.config.mjs:

async rewrites() {
  return [
    {
      source: '/api/:path',
      destination: 'https://mydomain/api/:path'
    }
  ]
}

It worked with the HTTP server, so the error implied that it was about the HTTP certificate. So how could I get around it in development? Thanks.

Answered by Anay-208

Hmm, why are you rewriting requests, why don't you directly send to mydomain

View full answer

32 Replies

Anay-208

2024-10-31T05:46:30.162Z

So If I'm right, you are rewriting a request to a different website.

Is the mydomain hosted by you?

American CurlOP

2024-10-31T06:29:44.668Z

yes. I just upgraded to use HTTPS which has a self-signed certificate.

Anay-208

2024-10-31T06:34:44.326Z

Hmm, why are you rewriting requests, why don't you directly send to mydomain

Answer

American CurlOP

2024-10-31T06:35:51.405Z

There's CORS issue if I send to mydomain, so this avoids fixing the CORS issue😅

Anay-208

2024-10-31T06:36:15.756Z

fix the CORS issue then, use npmjs package cors

American CurlOP

2024-10-31T06:36:20.158Z

It's been deployed by the backend developer that the API and the frontend portal in the same nginx.

Anay-208

2024-10-31T06:36:35.450Z

https://www.npmjs.com/package/cors

American CurlOP

2024-10-31T06:36:51.151Z

Thanks, I will check out.

Anay-208

2024-10-31T06:37:00.983Z

It needs to be added to the backend

With this approach, it might use more memory rewriting requests

Once your issue is resolved, mark solution please

American CurlOP

2024-10-31T06:38:41.964Z

How can I mark it?

I see.

Are there any other solutions?

I think this should be common case using rewrites to redirect to the backend.

It's like a proxy.

Anay-208

2024-10-31T06:41:22.627Z

No, it is only if an api key is being passed

or some sensitive info, which shouldn't be shown to client

American CurlOP

2024-10-31T06:46:10.569Z

I searched online. There're some solutions like adding NODE_TLS_REJECT_UNAUTHORIZED=0, but none is workign.

Is this used in backend to fix the CORS issue?

Anay-208

2024-10-31T06:46:50.168Z

yes

even if you post on stackoverflow, your post will get -1 since this is not a good approach

Anay-208

2024-10-31T07:38:14.910Z

@American Curl Let me know if you need any further help regarding this.

If you want to proxy through your nextjs app(NOT RECOMMEND AT ALL), a approach would be to:
- create a api route, /api/[...slug]/route.ts
- Get the slug, and send the request to domain/slug, with same body & headeres

American CurlOP

2024-10-31T07:58:28.793Z

Thanks. I just started using this. And I didn't use this feature yet.

We just switched to Static Exports to build the application, so I'm not sure if it's supported feature.

Anay-208

2024-10-31T07:59:30.533Z

it won't work then

With static

American CurlOP

2024-10-31T07:59:49.812Z

Meantime, I'm talking with backend guys to help fix CORS issue from backend then I can access the API directly.

I'm asking to make sure if there are solutions for the rewrites case.

Anay-208

2024-10-31T08:03:28.770Z

Ping me if you've any more queries

in a different thread

American CurlOP

2024-10-31T08:03:44.041Z

Great, thanks.