Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Critical and self-signed certificates

See original GitHub issue

First, many thanks for critical – I’ve been using it for years, and love it.

I’ve run into an issue recently where I have SSL enabled on local dev, which is also where I build the critical css using gulp and critical. It took me a bit to figure out what was going on, because I’d run critical and no output at all would appear (no errors, no critical css written out).

It turns out that because the https certificate is self-signed, it’s failing to render the page in PhantomJS. I google’d a bit, and found that something such as this needs to be added:

 'phantomjs.cli.args': ['--ignore-ssl-errors=true',  '--web-security=false']

But is there a way to pass this down to phantomjs via critical?

Issue Analytics

State:
Created 7 years ago
Reactions:1
Comments:6

Top GitHub Comments

3reactions

khalwatcommented, Nov 9, 2016

I didn’t see any errors output at all. What I did for a temporary fix is to allow the website to run both http and https in local dev.

I’d ideally like to be able to pass params down to Penthouse/PhantomJS via Critical. I can see it being useful for this, as well as other issues.

1reaction

gmhendersoncommented, Nov 8, 2016

Here’s the error I’m seeing (not sure if it’s the same as you):

[10:30:31] Error: self signed certificate
    at Error (native)
    at TLSSocket.<anonymous> (_tls_wrap.js:1060:38)
    at emitNone (events.js:86:13)
    at TLSSocket.emit (events.js:185:7)
    at TLSSocket._finishInit (_tls_wrap.js:584:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:416:38)

This is actually an error from request. A quick and dirty hack is to replace line 85 of file-helper.js with:

request({url: uri, strictSSL: false}, function (err, resp) {

The strictSSL option needs to be set to false.

Top Results From Across the Web

What is a Self-Signed Certificate? Advantages, Risks ...

Compromised self-signed certificates can pose many security challenges, since attackers can spoof the identity of the victim. Unlike CA-issued ...

Cybersecurity Risks of Using Self-Signed Certificates

Dangers of Using Self-Signed Certificates · Root certificates can be leaked · Certificate warnings can be ignored · Brand reputation damage.

Self-Signed Certificates: What are they and why should you ...

Knowing the difference between self-signed and CA-signed certificates is important, but what exactly is a self-signed certificate?

Self-Signed Certificates Best Practices and How-to Guide

Self -signed certificates are widely used for testing/development and sometimes in ... keyUsage =critical, digitalSignature, keyEncipherment.

Self Signed Certificate vs CA Certificate — The Differences ...

A self-signed certificate is created, signed, and issued by the subject of the certificate (the entity it is issued to), while a CA...

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.

Start Free

Top Related Reddit Thread

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

Critical and self-signed certificates

Issue Analytics

Top GitHub Comments

Top Results From Across the Web

Top Related Medium Post

Top Related StackOverflow Question

Troubleshoot Live Code

Top Related Reddit Thread

Top Related Hackernoon Post

Top Related Tweet

Top Related Dev.to Post

Top Related Hashnode Post

Penthouse error blocks generating file

overriding image paths