NodeJS http-proxy: DEPTH_ZERO_SELF_SIGNED_CERT error when proxying https

Question

I'm following online examples using the latest version of nodejs and http-proxy, but get the following error when my request is sent to the endpoint https server:

C:\Users\Me\node_modules\http-proxy\lib\http-proxy\index.js:114
throw err;       
Error: DEPTH_ZERO_SELF_SIGNED_CERT
at SecurePair.<anonymous> (tls.js:1370:32)
at SecurePair.EventEmitter.emit (events.js:92:17)
at SecurePair.maybeInitFinished (tls.js:982:10)
at CleartextStream.read [as _read] (tls.js:469:13)
at CleartextStream.Readable.read (_stream_readable.js:320:10)
at EncryptedStream.write [as _write] (tls.js:366:25)
at doWrite (_stream_writable.js:226:10)
at writeOrBuffer (_stream_writable.js:216:5)
at EncryptedStream.Writable.write (_stream_writable.js:183:11)
at write (_stream_readable.js:582:24)

My code is very simple:

var httpProxy = require('http-proxy');
var http = require('http');
var fs = require('fs');

var apimcert = fs.readFileSync('./mycert.pfx');
var proxy = httpProxy.createProxyServer({});

var options = {
  pfx: apimcert,
  passphrase : 'pAssw0rd',
  rejectUnauthorized : 'false',
  agent: false
};

var server = require('https').createServer(options, function(req, res) {
  console.log("Got a request " + req);
  proxy.web(req, res, {
      ssl: {
        pfx : apimcert,
        passphrase : 'pAssw0rd',
        rejectUnauthorized : 'false'

        //strictSSL: false
      },
      target: 'https://endpointhost:9443/postev',  
      secure: true       
  }

  );
});

console.log("listening on port 9442")
server.listen(9442);

If I set secure : false then the request does get forwarded to the endpoint, but obviously gets sent back with a 403 forbidden response. The certificate and passphrase I'm using are the ones from my endpoint server, and I've tested that they do work when sending the request directly. All I want my proxy to do is to examine the contents of the requests, log a message for each one, and then forward to the endpoint server.

I've googled this problem and tried fiddling around with agents and strictSSL, but to no avail.

Answer 1

I using Ant design prowith umi. just add this secure: false, to proxy.ts

proxy: {
  '/myapi': {
      target: 'https://localhost:8443',
      changeOrigin: true,
      secure: false, // 不进行证书验证
    },

umi will auto reload config, just fresh the browser and all good.

Answer 2

Try passing {rejectUnauthorized: false} to httpProxy.createProxyServer()