nodejs environment variable "NODE_EXTRA_CA_CERTS"
Asked Answered
O

2

8

I am developing a mobile application based on Ionic + Angular + Cordova + Node js.

the application visits a https server via window.XMLHttpRequest:

module.exports = function request (method, url, body, headers) {
  return new Promise(function (resolve, reject) {
    var xhr = new window.XMLHttpRequest()

    xhr.open(method, url)

    xhr.onload = function () {
      return resolve({
        status: xhr.status,
        body: xhr.responseText
      })
    }

    xhr.onerror = xhr.onabort = function () {
      return reject(new Error(xhr.statusText || 'XHR aborted: ' + url))
    }

    Object.keys(headers).forEach(function (header) {
      xhr.setRequestHeader(header, headers[header])
    })

    xhr.send(body)
  })
}

for this function to be executed, an appropriate root CA need to be inserted into node environment. since I do not control the code that makes the https request, I would prefer a policy/config based approach that enables an extra root CA into node js.

I searched around, and found out that node had actually provided a environment variable 'NODE_EXTRA_CA_CERTS' that seems to meet my purpose.

yet I can not find any examples on how to utilize this variable.

my implementation is to install the npm package dotenv-webpack.

added a .env file which contains configuration 'NODE_EXTRA_CA_CERTS=./assets/cert/cacert.pem' (file path to the appropriate root CA).

I can verify that the variable NODE_EXTRA_CA_CERTS had been successfully set. yet it did not seem to have any effects. the access to the server was denied because of security.

so my question: can anyone please provide an example on how to utilize the variable 'NODE_EXTRA_CA_CERTS'?

thanks

Oviposit answered 9/6, 2017 at 14:9 Comment(0)
P
6

So the env variable you are talking about is provided at a "system" level so you shouldn't need to define the variable locally in the env file.

If you wanna access the variable, you should use the following configuration on dotenv-webpack:

Dotenv({
  systemvars: true
})

This will allow you to access the system-level variables. To access the variable you will use the variable: process.env.NODE_EXTRA_CA_CERTS.

  • process stores information about the node process running.
  • env stores all the environment variables (that get populated by dotenv-webpack).

You can read more about the process global variables here: https://nodejs.org/api/process.html

Pestalozzi answered 26/7, 2017 at 11:37 Comment(0)
O
0

NODE_EXTRA_CA_CERTS must be set in the environment when Node starts. By the time Dotenv loads your env file it is too late to change it.

From the documentation:

The NODE_EXTRA_CA_CERTS environment variable is only read when the Node.js process is first launched. Changing the value at runtime using process.env.NODE_EXTRA_CA_CERTS has no effect on the current process.

See https://github.com/nodejs/node/issues/51426 for discussion about possibly changing that behavior.

Ondrej answered 24/9 at 14:7 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.