Node.js https.request keep getting UNABLE_TO_VERIFY_LEAF_SIGNATURE

Question

So I've been stuck with this issue for a while now and whatever I try I keep getting the following socket error "UNABLE_TO_VERIFY_LEAF_SIGNATURE"

this.options = {
    method: 'PUT',
    host: **host**,
    port: **port**,
    ca: fs.readFileSync(__dirname + '/configs/certs/' + serverConfig.environment + "/cert.cer"),
    pfx: fs.readFileSync(__dirname + '/configs/certs/' + serverConfig.environment + "/cert.pfx"),
    passphrase: 'thepassphrase',
    rejectUnauthorized: false,
    strictSSL: false
};

function sendRequest (options, isSSL, callback) {

    var returnData = '', req;

    function getResponse(response) {
        response.on('data', function (chunk) {
            returnData += chunk;
        });

        response.on('end', function () {
            callback(null, returnData);
        });
    }

    var sendData = JSON.stringify(data);

    if (isSSL) {
         req = https.request(options, getResponse);
    } else {
         req = http.request(options, getResponse);
    }
    req.write(sendData);
    req.end();

    req.on('error', function (e) {
       callback(e.message, null);
    });
}

sendRequest(this.options, true, function (err, result){
 ...
}

The response object return in the getResponse function returns a 500 and the error mentioned in the subject line. I's using Node.js 0.12.

Any help would be appreciated.

Regards.

Answer 1

If you try to connect to a host that uses a certificate signed by an intermediary CA, this error occurs. You can solve this by setting

process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';

Many modules like the request module also supports an option rejectUnauthorized: false to avoid this problem.

But this is not recommended in production, because of security issues.