diff --git a/packages/grpc-js/src/channel-credentials.ts b/packages/grpc-js/src/channel-credentials.ts index 16739a63..5eec9225 100644 --- a/packages/grpc-js/src/channel-credentials.ts +++ b/packages/grpc-js/src/channel-credentials.ts @@ -268,7 +268,7 @@ class SecureConnectorImpl implements SecureConnector { }; return new Promise((resolve, reject) => { const tlsSocket = tlsConnect(tlsConnectOptions, () => { - if (!tlsSocket.authorized) { + if ((this.connectionOptions.rejectUnauthorized ?? true) && !tlsSocket.authorized) { reject(tlsSocket.authorizationError); return; } @@ -364,7 +364,7 @@ class CertificateProviderChannelCredentialsImpl extends ChannelCredentials { const tlsSocket = tlsConnect(tlsConnectOptions, () => { tlsSocket.removeListener('close', closeCallback); tlsSocket.removeListener('error', errorCallback); - if (!tlsSocket.authorized) { + if ((this.parent.verifyOptions.rejectUnauthorized ?? true) && !tlsSocket.authorized) { reject(tlsSocket.authorizationError); return; } diff --git a/packages/grpc-js/test/test-channel-credentials.ts b/packages/grpc-js/test/test-channel-credentials.ts index a03ec41b..b40d9400 100644 --- a/packages/grpc-js/test/test-channel-credentials.ts +++ b/packages/grpc-js/test/test-channel-credentials.ts @@ -218,6 +218,15 @@ describe('ChannelCredentials usage', () => { } ); }); + it('Should accept self-signed certs with acceptUnauthorized', done => { + const client = new echoService(`localhost:${portNum}`, grpc.credentials.createSsl(null, null, null, {rejectUnauthorized: false})); + client.echo({ value: 'test value', value2: 3 }, (error: ServiceError | null, response: any) => { + client.close(); + assert.ifError(error); + assert.deepStrictEqual(response, { value: 'test value', value2: 3 }); + done(); + }); + }); }); describe('Channel credentials mtls', () => {