restify JSON client returns DEPTH_ZERO_SELF_SIGNED_CERT error

Question

I have server runing on heroku with heroku SSL addon. Server is created with this options:

name: 'ServerName',
version: '1.0.0',

And the I run server like this:

    server.listen(process.env.PORT || 5000)

And it works fine, I can call my api for example: https://myapp.herokuapp.com/some-path. SSL cert on heroku is self-signed so there is a big warning in webbrowser but I can click continue and it works.

When I want to call my server with restify JSON client, created as follows:

var client   = restify.createJsonClient({
    url: 'https://myapp.herokuapp.com'
});

and then call some api like this client.get('/some-path',...) then client returns error:

DEPTH_ZERO_SELF_SIGNED_CERT

I tried to set option rejectUnauthorized on both server and client (as constructor option) but it didnt help...

Answer 1

I've just tested on my own HTTPS server with a self-signed certificate. rejectUnauthorized on the client side should definitely solve it for you

var restify = require('restify'),

    client = restify.createJsonClient({
        url: 'https://127.0.0.1/booking',
        rejectUnauthorized: false
    }),

    assert = require('assert');

describe('/booking/ component\'s JSON-HAL HTTP API description', function () {
    it('responds with status 200', function (done) {
        client.get('/', function (error, request, response) {
            assert(!error);
            assert.strictEqual(response.statusCode, 200);
            done();
        });
    });
});

As soon as I remove the rejectUnauthorized option, the test fails with DEPTH_ZERO_SELF_SIGNED_CERT.

Answer 2

For me rejectUnauthorized didn't work. Finally I ended up with:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

And it works...