-
Notifications
You must be signed in to change notification settings - Fork 12k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cli option to configure add cerificate authority for SSR fetch requests #28833
Comments
I would expect I don't think Angular would want to diverge from system behavior here, so I'm inclined to avoid adding a new option and just match system behavior, but I'm not sure what we could be doing here which would be breaking it. |
If i run the compiled SSR app manually via
Matching system behaviour, meaning getting |
There is test code in /tests/legacy-cli/e2e/tests/vite/ssr-with-ssl.ts#L50 which seems to use
to mitigate the described problem. Setting |
I'm having trouble fully understanding the problem description. When running
If the problem persists I suggest to provide a minimal reproduction that we can take a look at. |
Thanks for reporting this issue. However, you didn't provide sufficient information for us to understand and reproduce the problem. Please check out our submission guidelines to understand why we can't act on issues that are lacking important information. If the problem persists, please file a new issue and ensure you provide all of the required information when filling out the issue template. |
Command
serve
Description
Hi there!
If your SSR HttpClient (
withFetch()
) currently requests data server side from an API that uses TLS signed by a custom CA you may receive aUNABLE_TO_GET_ISSUER_CERT_LOCALLY
error.While the compiled SSR application runs fine with
node dist/yada/server/server.mjs
, usingng serve
to start the application will produce the mentioned error.node
probably works fine because it uses the system CAs(?). Butng serve
seems to have its own idea about root CAs.Describe the solution you'd like
If i am not ignorant to "the obvious and usual way to solve this", could this please be considered as something to be solved via CLI options?
Or
ng serve
maybe could be taught to obey NODE_EXTRA_CA_CERTS?Thank you!
Describe alternatives you've considered
The text was updated successfully, but these errors were encountered: