ERR_CERT_AUTHORITY_INVALID and NS_ERROR_DOM_BAD_URI

Uppy
1

I’m trying to test an Uppy integration in a test environment with a staging SSL cert from LetsEncrypt. It is not going well, because I see an error when I try to upload files.

In Firefox, I see a failed OPTIONS request to https://uppy.example.com/s3/multipart with “CORS Failed” error. I also see a failed POST to the same URL, with NS_ERROR_DOM_BAD_URI.

In Brave, the same set of actions uploading a file I see different errors. “(failed) net::ERR_CERT_AUTHORITY_INVALID” on both OPTIONS and POST requests.

The CORS error I think has to do with how I’m making the requests. I have uppy.example.com, and next.example.com. next.example.com is where people visit, and uppy.example.com is where my Uppy companion server is at. Each of them are using LetsEncrypt staging SSL certs.

Seeing as it is a test environment with a staging SSL cert, Is there maybe a way to disable the SSL verification? I think that’s what’s causing the problem that Brave is seeing. Firefox on the other hand confuses me since it shows a CORS error. I think CORS errors are caused when the Companion server receives a request from a non-whitelisted host. In Uppy companion, I think this whitelist is configured using COMPANION_CLIENT_ORIGINS environment variable, which I have configured to be https://next.example.com.

I think I have COMPANION_CLIENT_ORIGINS configured correctly, so I don’t know why I’m seeing the CORS error in Firefox.

2

Following up to my own question, I found a workaround. I couldn’t find a way to bypass SSL verification in Firefox, but I did find a way in Bruno (the standalone program for making REST requests). Bruno has a SSL verification checkbox that I can uncheck, at which point it won’t care if the SSL is from Letsencrypt staging environment. Then I was able to make POST requests to the https://uppy.example.com/s3/multipart endpoint that Uppy uses, with the following JSON payload.

{
  "filename":"E1tB0KoUcAYJTni.jpg",
  "type":"image/jpeg",
  "metadata":{
    "name":"E1tB0KoUcAYJTni.jpg",
    "type":"image/jpeg"
  }
}

After making the request, I was able to see that my Uppy companion was throwing a 500 Internal Server Error, because I typed in the S3 endpoint incorrectly. So we went from one error to another, but this is definite progress!