ForestAdmin server TLS certificate cannot be verified

Feature(s) impacted

ForestAdmin server connection and initialization

Observed behavior

I’m encountering an error related to the verification of the ForestAdmin server’s TLS certificate when I run the command npm run start:prod . The error suggests checking if the system time is set properly, but I’ve confirmed it’s accurate.

Expected behavior

The ForestAdmin server should be connected and initialized without any issues related to the TLS certificate verification.

Failure Logs

Error: ForestAdmin server TLS certificate cannot be verified. Please check that your system time is set properly.
at ServerUtils.handleResponseError (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/forestadmin-client/dist/utils/server.js:28:19)
at ServerUtils.query (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/forestadmin-client/dist/utils/server.js:23:18)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async IpWhiteListService.getConfiguration (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/forestadmin-client/dist/ip-whitelist/index.js:12:22)
at async IpWhitelist.bootstrap (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/agent/dist/routes/security/ip-whitelist.js:19:30)
at async Promise.all (index 4)
at async Agent.getRouter (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/agent/dist/agent.js:150:9)
at async Promise.all (index 0)
at async Agent.buildRouterAndSendSchema (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/agent/dist/agent.js:165:26)
at async Agent.start (/home/cjsymeeg/nodevenv/api/18/lib/node_modules/@forestadmin/agent/dist/agent.js:57:24)


  • Node.js version : v18.14.1
  • Agent (forest package) name & version: “@forestadmin/agent”: “^1.27.1”,
  • Database type: MySQL
  • Additional context: NestJS project

Hello @valentin, and welcome back

Can you please provide some more info regarding your issue:

  • What is the name of your project. Is it ‘on-premise’ deployement ? Do you use a custom domain ?
  • Did you manage to successfully run the project on any environment before prod ?
  • If you managed to deploy in production, but cannot start the server anymore, did you perform any changes in your production setup/config?
  • Are your production server certificate-authorities keychains up to date ?
  • what is the value of the following env variables: FOREST_URL and NODE_TLS_REJECT_UNAUTHORIZED ?

Adding NODE_TLS_REJECT_UNAUTHORIZED=0 in .env file as solved my problem :slight_smile:

Thank you @Nicolas.M

I’m glad that you found a solution that works for you.
Please remember that bypassing TLS check should only be done for dev purposes.

Cheers !