You need to sign in to do that
Don't have an account?
Bryan Burman
"Unable to verify the first certificate" When Logging In Using SFDX
I am unable to successfully login using the Salesforce DX CLI. I have tried numerous techniques, all to no avail. In am on Windows 10 utilizing the latest version of the CLI from Powershell and Google Chrome as my web browser.
As a side note, the "sfdx update" command works successfully.
Technique 1. When logging in using what is supposed to be the easiest approach by using force:auth:web:login, the CLI opens a web browser. Once I enter my credentials, the OAuth flow calls back into localhost:1717, but apparently the CLI isn't listening. Chrome complains with an ERR_EMPTY_RESPONSE and no response payload. Command line indicates "Unable to verify the first certificate." Turning on logging (even at the trace level) does not reveal any additional information.
Technique 2. I created a self-signed certificate using openssl along with a new connected app. Then using the CLI, I utilized the force:auth:jwt:grant function. This failed with the same error message as above: "Unable to verify the first certificate."
Technique 3. I disabled SSL verification and strict SSL in npm and forced the CLI to go through Fiddler. I then configured Fiddler to ignore certificate errors. Still, neither one of the above techniques worked after this.
Any idea what I'm doing wrong?
As a side note, the "sfdx update" command works successfully.
Technique 1. When logging in using what is supposed to be the easiest approach by using force:auth:web:login, the CLI opens a web browser. Once I enter my credentials, the OAuth flow calls back into localhost:1717, but apparently the CLI isn't listening. Chrome complains with an ERR_EMPTY_RESPONSE and no response payload. Command line indicates "Unable to verify the first certificate." Turning on logging (even at the trace level) does not reveal any additional information.
Technique 2. I created a self-signed certificate using openssl along with a new connected app. Then using the CLI, I utilized the force:auth:jwt:grant function. This failed with the same error message as above: "Unable to verify the first certificate."
Technique 3. I disabled SSL verification and strict SSL in npm and forced the CLI to go through Fiddler. I then configured Fiddler to ignore certificate errors. Still, neither one of the above techniques worked after this.
Any idea what I'm doing wrong?
Do you have found any solution for this ? I have the exact same error and have used same technics. I have the issue only when I use my professional computer that is behind a proxy but with my personnal PC no problem. It seems like the problem comes from the specifications of the intermediate certificates.
Did someone found the answer?
I'm having the same problem.
Problem with port 1717 and the certificate using the VS Code.
Your firewall should allow access to localhost:1717, your computer should have a free port at 1717 (meaning, only one copy of the command line should be running at once), you should update your command line to the latest version via sfdx update, or as a final resort, try reinstalling the command line. You might also need the assistance of IT if your firewall, antivirus, or some other configuration is blocking access to localhost.