Get 'Unable to verify leaf signature' when making Http.call in Vagrant VM

jammy · August 24, 2016, 10:56am

Bit of a noob to Meteor so not sure if this is a problem with Meteor, with the HTTP package or with my local machine/Vagrant/VirtualBox.

I have a very basic Meteor app that makes an API call with an XML payload over HTTPS:

	var response = HTTP.call('POST', apiUrl, {
		headers: {
			'X-C2CXML-SESSIONID': '',
		},
	    data: data,
	    "rejectUnauthorized": false,
	    agentOptions: {
			secureProtocol: 'SSLv3_method'
		},
	});

As you can see from the call I’ve already tried to add rejectUnathorised and secureProtocol in the agentOptions object without success. I’ve also tried running npm config set strict-ssl false from the command line within my VM.

Any suggestions?

hwillson · August 24, 2016, 12:46pm

This sounds like an SSL cert CA issue. Maybe take a look a the npm ssl-root-cas package. Once installed, try something like:

import sslRootCas from 'ssl-root-cas/latest';
sslRootCas.inject();

somewhere in your server code, to download the latest root CA files, then try your HTTP.call again.

jammy · August 29, 2016, 10:19pm

Thanks for the suggestion. Took me a while to find the spare time to carry out your advice.

I’ve installed the npm module, I have import sslRootCas from 'ssl-root-cas/latest'; at the top of my server.js file and sslRootCas.inject(); within the startup method but I’m still getting the same error message?