TheHive: self signed certificate

Hi all!
I’ve tried some experiments with wonderful n8n and TheHive and got an error on the first stage.

My error is:

Error: TheHive error response [undefined]: self signed certificate

Yes, I am using SSC.
Could I bypass this restriction somehow?

Welcome to the community @Dmytro_Biletskyi

The HTTP library we use has a parameter called rejectUnauthorized . I believe that if this parameter is set to false your issue should be solved. Perhaps we expose that parameter in the credentials so that the user can active/deactivate depending on the use case.

Oh, thanks!
Could you please give some details on how to set rejectUnauthorized to false?

It will be wonderful if you’ll add ability to active/deactivate it using UI!

I’m running docker version

Ehm do I understand you correctly @Dmytro_Biletskyi that you are using TheHive node and not the HTTP Request node?

Because then it would not be possible yet and we would first have to add that option also to that node.

Yes, you are right
So, to disable SSL validation I should use ‘http request’ to thehive instance instead?

I am totally new to n8n, sorry for stupid questions:)

Because then it would not be possible yet and we would first have to add that option also to that node.
I think it will be very helpful for many users if this option will be added in future!

The HTTP Request node is not very helpful for you there. You would have to do then everything manually.

Yes, agree. We added it to our ToDo list as it should be very simple to implement.

wow, sounds great!
Waiting :slight_smile:

You could use NODE_EXTRA_CA_CERTS environment variable to trust the self signed cert, or NODE_TLS_REJECT_UNAUTHORIZED to disable validation from everything (not the preferred way though). I’m personally using the NODE_EXTRA_CA_CERTS with TheHive :slight_smile:

1 Like

something like this?

I wouldn’t mess with the package.json like in that guide, but you need to create the file containing your own trusted certs (like in the guide’s step 1), and then mount it inside the docker container and set the environment variable, so this should work:

docker run -v /path/to/your/extra-ca-certs.pem:/extra-ca-certs.pem -e NODE_EXTRA_CA_CERTS=/extra-ca-certs.pem -p 5678:5678 n8nio/n8n

Could I use OpenSSL to generate required cert?

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

If not, could you please give a hint on how to do it