insomnia: Newest update throws: SSL peer certificate or SSH remote key was not OK

Describe the bug

I have updated CODE today and now no request is working anymore. It throws the following:

SSL peer certificate or SSH remote key was not OK

To Reproduce

Idk ^^ maybe try to request a self-signet cert endpoint.

Steps to reproduce the behavior:

Go to ‘…’
Click on ‘…’
Scroll down to ‘…’
See error

Expected behavior

No browser or my App is throwing this so I expect it to just work.

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

OS: [e.g. macOS 10.15.1]
Installation Method: [e.g. homebrew]
App Version [e.g. v7.0.3]

Additional context

Idk what the prev. version was or if there is any logs I could paste here. Just tell me.

About this issue

Original URL
State: closed
Created 4 years ago
Reactions: 28
Comments: 22 (5 by maintainers)

Links to this issue

node.js - Insomnia : Error: SSL peer certificate or SSH remote key was not OK - Stack Overflow

Most upvoted comments

I’m also hitting the same issue.

Edit: Fixed by unchecking “Validate certificates” in settings.

+198

baleeds on Jun 10, 2020

I have experienced the “SSL certificate problem: unable to get local issuer certificate” problem on my Win10 laptop and have solved it as follows for Insomnia 2021.4.1:

If not already included, add the CA cert PEM data into the ca-certs.pem file used by the Insomnia TLS client. Note, the file location is exposed in the timeline tab of the HTTPS response (adjust the userName and Insomnia version as needed).

* successfully set certificate verify locations:
*  CAfile: C:\Users\<userName>\AppData\Local\Temp\insomnia_2021.4.1\ca-certs.pem
*  CApath: none

For mTLS, create client certificate in the Insomnia Collection Settings for the host name of the TLS server and port (e.g. “server.example.com:8443”, and upload the client cert / key PEM data your TLS client wants to use with the HTTPS request.

sysarch-repo on Jul 18, 2021

I’m also hitting the same issue.

Edit: Fixed by unchecking “Validate certificates” in settings.

Works, but this is a security vulnerability. We have not found a way to get this working with validation aside from downgrading insomnia. Best I can tell is it is some weird incompatibility with how my company’s cert authority issues certs and insomnia. Would really like to see a fix for this so we can upgrade to latest versions.

designed4device on Jul 1, 2020

I am using an application API locally with an invalid ssl certificate and insomnia is not able to call it, it gives me a Error: SSL peer certificate or SSH remote key was not OK error

I went to the General settings and unchecked validate certificates checkbox, but it still shows me the same error… The request works on my browser well… It seems like a bug in insomnia where it is not disabling ssl validation.

The request even works fine on postman after disabling ssl validation.

valentinoPereira on Nov 4, 2022

just a clarification on prevous response by @richardjudgeman

the “CAfile” is just a text file with a list of base64 encoded certificates. You can open it in notepad and append another base64 encoded certificate (for example, your company’s Certficatioin Authority, which you can export in base64 format from certmgr.msc windows console)

i think insomnia needs a more apparent way of adding custom CAs. Many people use it corporate environment and probably just turn off the SSL valdation, which is not good.

ubeogesh on Aug 25, 2021

@MB175 i don’t think this is a viable approach anymore - i cannot find the CAfile anymore. Previously it could be found from the log on the “Timeline” tab. So apparently now the only way is to turn off certificate validation

ubeogesh on Nov 4, 2022

This issue should be finally fixed in the recently released v8.5.

subnetmarco on Dec 20, 2023

We are actively working on a resolution for this issue, we will link this issue to the PRs once they come out.

subnetmarco on Nov 16, 2023