解决openresty发送https请求时 lua ssl certificate verify error lua ssl certificate verify error: (20: unable to get local issuer certificate)问题。发送请求前需要给lua指定一个受信任的证书。

lua请求:

function _M.http_get(self, url, timeout)
     local http = require "resty.http"
     local httpc = http.new()
 
     timeout = timeout or 30000
     httpc:set_timeout(timeout)
 
     local res, err = httpc:request_uri(url, {
         method = "GET",
         headers = {
             ["Content-Type"] = "application/x-www-form-urlencoded",
       }
     })
     httpc:set_keepalive(5000, 100)
     --httpc:close()
     return res,err
end
 
---example
local weUrl = 'https://api.weixin.qq.com/sns/jscode2session'
local res, _err = _M:http_get(weUrl, 15000)

一、给lua指定证书

# fix lua ssl certificate verify error lua ssl certificate verify error: (20: unable to get local issuer certificate) 
#bash
yum install ca-certificates
update-ca-trust
cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-lua.pem
 
#Nginx.conf
lua_ssl_verify_depth 2;
lua_ssl_trusted_certificate '/etc/ssl/certs/ca-lua.pem';

如何解决openresty lua ssl certificate verify error

二、遇到的其他问题解决

#nginx.conf
resolver 223.5.5.5 223.6.6.6 1.2.4.8 114.114.114.114 8.8.8.8 valid=3600s;


评论(0条)

刀客源码 游客评论