Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't use https.Agent with node-fetch in bun and dispatcher from undici's fetch — can't add self signed certificate pinning #10642

Open
VityaSchel opened this issue Apr 29, 2024 · 3 comments
Open

Can't use https.Agent with node-fetch in bun and dispatcher from undici's fetch — can't add self signed certificate pinning #10642

VityaSchel opened this issue Apr 29, 2024 · 3 comments
Assignees
@nektro
Labels
bug Something isn't working

Comments

@VityaSchel
Copy link

What version of Bun is running?

1.1.4+fbe2fe0c3

What platform is your computer?

Darwin 23.4.0 arm64 arm

What steps can reproduce the bug?

  1. bun install node-fetch
  2. import nodefetch from 'node-fetch'
  3. use nodefetch('url', { agent: [any ssl agent] })
    bun will try to use internal fetch instead of node-fetch, so certificate pinning is not possible
    or
  4. fetch('url', { dispatch: })
    dispatch is not available

What is the expected behavior?

Please add certificate pinning

What do you see instead?

ERR_TLS_CERT_ALTNAME_INVALID: ERR_TLS_CERT_ALTNAME_INVALID fetching [...] For more information, pass verbose: true in the second argument to fetch()

Additional information

Also haven't found a reliable way to disable tls certificate checking for selected fetch calls, not for entire application. This could've been done with https.Agent rejectUnauthorized: false but bun does not have this
@VityaSchel VityaSchel added the bug Something isn't working label Apr 29, 2024
@Levent0z
Copy link

Levent0z commented May 3, 2024

use the agent property instead. The following code works just fine in node but fails in bun 1.1.6 with SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain.

// Using node-fetch
        return fetch(
            url,
            Object.assign(init || {}, {
                agent: function (_parsedURL) {
                    return new https.Agent({
                        cert: certInfo.cert,
                        ca: certInfo.ca,
                        key: certInfo.key
                    });
                }
            })
        );

@Levent0z
Copy link

Levent0z commented May 3, 2024

the dispatch property is used by the fetch method from the undici package. Like above, the following works fine in node but fails in bun 1.1.6:

        //// Using undici fetch, with undici agent
        return fetch(
            url,
            Object.assign(init || {}, {
                dispatcher: new Agent({
                    connect: {
                        cert: certInfo.cert,
                        ca: certInfo.ca,
                        key: certInfo.key
                    }
                })
            })
        );

@slvrtrn slvrtrn mentioned this issue Jul 3, 2024
Closed
@liudonghua123 liudonghua123 mentioned this issue Jul 4, 2024
Open
@Ivan-Baranov
Copy link

Clickhouse self signed certificate in certificate chain
ClickHouse/clickhouse-js#286

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nektro nektro

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Ivan-Baranov @nektro @Levent0z @VityaSchel