SSL Issue when using JWTVerifier

croederLGP · October 16, 2019, 7:38pm

I am getting an error when I try to verify the JWT that was just issued in React. The top message is "Error while resolving signing key for kid “kKpKqOkzm8SLhje98jw0o9cZkDUCNESal6tHuabf4Ts”. The inner message is “Error: SSL Error: {oktaURL}/oauth2/default/v1/keys does not support SSL”, however if I request the keys url directly it happily responds using SSL. Any ideas what might be causing the issue? I want to inspect the JWT for a claim but currently can’t because of this issue.

const verifier = new OktaJwtVerifier({
  issuer: '{oktaURL}/oauth2/default',
  clientId: 'xxxxx'
});

const accessToken = await this.props.auth.getAccessToken()
verifier.verifyAccessToken(accessToken, 'api://default')
.then(jwt => {
  // the token is valid (per definition of 'valid' above)
  console.log("Claims:",jwt.claims);
})
.catch(err => {
  console.log(err)
  // a validation failed, inspect the error
});

Error: SSL Error: {oktaURL}/oauth2/default/v1/keys does not support SSL
at Request.push…/node_modules/request/request.js.Request.onRequestResponse (http://localhost:3000/static/js/1.chunk.js:127597:24)
at push…/node_modules/stream-http/lib/request.js.module.exports.emit (http://localhost:3000/static/js/1.chunk.js:40949:5)
at push…/node_modules/stream-http/lib/request.js.module.exports.push…/node_modules/stream-http/lib/request.js.ClientRequest._connect (http://localhost:3000/static/js/1.chunk.js:145627:8)
at http://localhost:3000/static/js/1.chunk.js:145526:12

jimklo · April 22, 2020, 3:53pm

Has anyone found a solution to this? Having the same issue.

dragos · May 4, 2020, 2:09am

Hi @jimklo

Can you please open a support case with us through an email to developers@okta.com, providing the error that you receive from the browser console logs? This would help in narrowing down the issue.

jimklo · May 4, 2020, 2:47am

@dragos I’ve already done that.

It seems the @okta/JWT-verifier only works in NodeJS and not in the browser.

Combined with the fact that there is no functional flask demo for verification with Okta, it was a bit disappointing. I finally figured it out, but not without a lot of hassle.

I’ve provided my solution to support which hopefully can be incorporated into your react-flask-crud sample.

system · January 24, 2024, 7:14pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.