badunk badunk - 10 months ago 47
Node.js Question

Where is node's certificate store?

I am making an https request (using the request module) to a server with a self-signed cert. It throws an error if I don't specify

strictSSL: false
as an option.

This cert is already trusted on my OS (OSX), such that Chrome doesn't throw an error while accessing a webpage from that server.

I understand different applications/environments may have their own certificate stores. Firefox has its own, and the JVM, for example, is usually at $JAVA_HOME/jre/lib/security/cacerts (on OSX).

My question is, where does node look for its trusted CA's? Is there such a concept? I'd like to add my self-signed cert there for development purposes.

Joe Joe

There is not a store. You can pass a ca option to the https request to tell it what CAs you do trust.

From the docs: The following options from tls.connect() can also be specified. However, a globalAgent silently ignores these.

ca: An authority certificate or array of authority certificates to check the remote host against.

In order to specify these options, use a custom Agent.

var options = {
  ca: CA or [array of CAs]

options.agent = new https.Agent(options);

var req = https.request(options, function(res) {