How do I trust a self signed cert using https?

Question

Edit: I originally thought the server's certificate was self signed. Turns out it was signed by a self-signed CA certificate.

I'm trying to write a Node.js application that accesses an HTTPS site that's protected using a self-signed certificate certificate signed by a private, self-signed CA certificate. I'd also like to not completely disable certificate checking.

I tried putting the self signed certificate server's certificate in the request options, but that doesn't seem to be working. Anyone know how to do this?

I expect the following code to print statusCode 200, but instead it prints [Error: SELF_SIGNED_CERT_IN_CHAIN].

I've tried similar code with request with the same results.

var https = require('https');
var fs = require('fs');

var opts = {
    hostname: host,
    port: 443,
    path: '/',
    method: 'GET',
    ca: fs.readFileSync(serverCertificateFile, 'utf-8')
};

var req = https.request(opts, function (res) {
    console.log('statusCode', res.statusCode);
});

req.end();
req.on('error', function (err) {
    console.error(err);
});

Answer 1

The error [Error: SELF_SIGNED_CERT_IN_CHAIN] is the clue to what's going on here.

That's an indication that the HTTPS server's certificate was signed by a self signed certificate, not that it's a self signed certificate itself. If the server certificate were self signed, the error would be [Error: DEPTH_ZERO_SELF_SIGNED_CERT].

If you provide the CA certificate instead of the server's certificate, it should work.