feat(integrations): add support for self-signed-cert-in-chain request error (#3399)

2025-06-15 21:42:25 +02:00
parent cad59aed00
commit e6cb35b7c2
3 changed files with 20 additions and 6 deletions
--- a/packages/api/src/router/integration/map-test-connection-error.ts
+++ b/packages/api/src/router/integration/map-test-connection-error.ts
@@ -36,6 +36,7 @@ const mapError = (error: Error): MappedError => {
 export interface MappedCertificate {
  isSelfSigned: boolean;
  issuer: string;
+  issuerCertificate?: MappedCertificate;
  subject: string;
  serialNumber: string;
  validFrom: Date;
@@ -47,6 +48,7 @@ export interface MappedCertificate {
 const mapCertificate = (certificate: X509Certificate, code: RequestErrorCode): MappedCertificate => ({
  isSelfSigned: certificate.ca || code === "DEPTH_ZERO_SELF_SIGNED_CERT",
  issuer: certificate.issuer,
+  issuerCertificate: certificate.issuerCertificate ? mapCertificate(certificate.issuerCertificate, code) : undefined,
  subject: certificate.subject,
  serialNumber: certificate.serialNumber,
  validFrom: certificate.validFromDate,
--- a/packages/common/src/errors/http/request-error.ts
+++ b/packages/common/src/errors/http/request-error.ts
@@ -36,7 +36,12 @@ export const requestErrorMap = {
    expired: ["CERT_HAS_EXPIRED"],
    hostnameMismatch: ["ERR_TLS_CERT_ALTNAME_INVALID", "CERT_COMMON_NAME_INVALID"],
    notYetValid: ["CERT_NOT_YET_VALID"],
-    untrusted: ["DEPTH_ZERO_SELF_SIGNED_CERT", "UNABLE_TO_VERIFY_LEAF_SIGNATURE", "UNABLE_TO_GET_ISSUER_CERT_LOCALLY"],
+    untrusted: [
+      "DEPTH_ZERO_SELF_SIGNED_CERT",
+      "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
+      "UNABLE_TO_GET_ISSUER_CERT_LOCALLY",
+      "SELF_SIGNED_CERT_IN_CHAIN",
+    ],
  },
  connection: {
    hostUnreachable: "EHOSTUNREACH",