UNABLE_TO_GET_ISSUER_CERT_LOCALLY error when calling the Coinbase NODEJS API
According to Coinbase they updated their certificates at 10.30am PST yesterday. The node client has strictSSL set to true so requests will fail as the certificate chain fails.
Fix: when you initiate the client you can either set strictSSL to false or pass in the new valid certificates.
Set strictSSL to false:
var Client = require('coinbase').Client;
var client = new Client({
apiKey: mykey,
apiSecret: mysecret,
strictSSL: false
});
update cert files (you should be able to export them here - https://baltimore-cybertrust-root.chain-demos.digicert.com/ or try coinbase.com and export there):
var Client = require('coinbase').Client;
var client = new Client({
apiKey: mykey,
apiSecret: mysecret,
caFile: myNewCertFile
});
myNewCertFiles should follow this files format with the updated certs: https://github.com/coinbase/coinbase-node/blob/master/lib/CoinbaseCertStore.js
"What are the security risks (if any) associated with setting strictSSL to false? How do you "export" the new SSL certificates?" The connection is encrypted, and TLS prevents tampering, BUT will strictSSL off it's theoretically possible to do a MITM (Man In The Middle) attack, since the SSL certificate is not fully checked to make sure it's authentic, some hoser (the man in the middle) could use a fake certificate. I'd switch it to get going, but get new certificates going as soon as possible.