Node.js HTTPS 400 Error - 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'

Question

I'm writing a Node.js app that has to request some data from one of our internal APIs. The tricky part is that the server I'm requesting data from has certain limitations:

• The request must be made on HTTPS protocol (not HTTP)
• The request must be made using a LAN IP address, because the domain name will not work internally
• The request must appear to be requesting from the external domain name, because that is what the Virtual Host is setup for.

In order to do this, I'm running a bit of code that looks like this:

var headers = {
    Host: externalHostname,
    Hostname: externalHostname,
};

var options = {
    host: InternalIP,
    path: path,
    method: 'GET',
    headers: headers
};

var req = https.request(options, function(res) {
    res.setEncoding('utf8');

    var data = "";

    res.on('data', function(chunk) {
        data += chunk;
    });

    res.on('end', function() {
        //Do something with that data
    });

    res.on('error', function(err) {
            console.log("Error during HTTP request");
            console.log(err);
    });
});

req.end();

Unfortunately, I'm getting a 400 (Your browser sent a request that this server could not understand) error as a response. I've double and triple checked that the hostname, ip address, and path name are all correct (I can test them from within my browser, and all is good).

I did an output of my response variable (res), and am receiving an authorizationError value of UNABLE_TO_VERIFY_LEAF_SIGNATURE. I'm not sure what that is, or if it's my problem, but it's the only useful bit of information I could find.

I put a full output of my response variable here.

Any ideas on what might be causing this?

Update: I figured it out! I was trying to authenticate with the server by passing a ?PHPSESSID=asdad GET variable, but they have that disabled. I was able to make it work by setting PHPSESSID in the Cookie header.

Answer 1

set this process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';