
Socket.io + SSL + self-signed CA certificate gives error when connecting

I am running an https server using a certificate which was created using a self-signed CA certificate.

Now I want to connect Socket.io client to the Socket.io server that is attached to the https server. Unfortunately, I get an error, telling me:

Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
    at SecurePair.<anonymous> (tls.js:1271:32)
    at SecurePair.EventEmitter.emit (events.js:92:17)
    at SecurePair.maybeInitFinished (tls.js:883:10)
    at CleartextStream.read [as _read] (tls.js:421:15)
    at CleartextStream.Readable.read (_stream_readable.js:293:10)
    at EncryptedStream.write [as _write] (tls.js:330:25)
    at doWrite (_stream_writable.js:211:10)
    at writeOrBuffer (_stream_writable.js:201:5)
    at EncryptedStream.Writable.write (_stream_writable.js:172:11)
    at write (_stream_readable.js:547:24)
    at flow (_stream_readable.js:556:7)

Basically, this error tells me that the certificate could not be verified successfully. This is due to the fact that the according CA certificate is self-signed. When using an https request, I can specify CAs whom I trust.

How can I make Socket.io connect in this case?

PS: I am running Node.js 0.10.0 and Socket.io 0.9.13.

Golo Roden asked Mar 12 '13 15:03




2 Answers

Four years later, but for anyone finding this post like me: if you need to force the client socket to not reject a self-signed server cert, you need rejectUnauthorized: false, as in

    const socket = require('socket.io-client')('https://192.168.0.31', { transports: ['websocket'], rejectUnauthorized: false })

from https://github.com/socketio/engine.io-client#methods

Also, there is now a good source for free certs, so now you don't even have to be "cheap d*ck": https://letsencrypt.org/

DKebler answered Oct 23 '22 00:10


For socket.io 1.0 (not sure about 0.9), there are details of how to get the node client to connect to an invalid cert here: https://stackoverflow.com/a/24235426. (Thanks to @3rdEden's comment above.) I find that self-signed SSL certs can be convenient for development servers.

stevo answered Oct 23 '22 00:10
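
The "specify CAs whom I trust" approach from the question, applied to the Socket.io client, as an added example that is not part of any answer on this page: it passes the private CA through the Node-only `ca` option of socket.io-client (assumed 1.x or later) and keeps `rejectUnauthorized` on, next to the `rejectUnauthorized: false` setting shown above. `splitCaBundle`, `pinnedCaOptions`, `connect` and the sample bundle are names constructed for this example.

```javascript
// Added example: trust one private CA instead of disabling verification.
const PEM_BLOCK = /-----BEGIN ([A-Z0-9 ]+)-----[\s\S]+?-----END \1-----/g;

// Split a PEM bundle into its CERTIFICATE blocks. Private keys are refused:
// they must never be shipped to a client as "trust" material.
function splitCaBundle(pemText) {
  const certs = [];
  for (const match of String(pemText).matchAll(PEM_BLOCK)) {
    if (match[1].includes('PRIVATE KEY')) {
      throw new Error('CA bundle contains a private key');
    }
    if (match[1] === 'CERTIFICATE') certs.push(match[0]);
  }
  if (certs.length === 0) throw new Error('no CERTIFICATE block in CA bundle');
  return certs;
}

// Build socket.io-client options that keep verification on and add the
// private CA as a trust anchor. Caller options cannot switch the check off.
function pinnedCaOptions(pemText, extra = {}) {
  if (extra.rejectUnauthorized === false) {
    throw new Error('rejectUnauthorized: false disables certificate checks');
  }
  return { ...extra, ca: splitCaBundle(pemText), rejectUnauthorized: true };
}

// Hypothetical usage: needs socket.io-client installed and a real CA file.
function connect(url, caFile) {
  const pem = require('fs').readFileSync(caFile, 'utf8');
  const socket = require('socket.io-client')(url, pinnedCaOptions(pem));
  // A certificate that does not chain to the pinned CA surfaces here
  // instead of being silently accepted.
  socket.on('connect_error', (err) => {
    console.error('connect failed:', err.message);
  });
  return socket;
}

// Constructed sample bundle (placeholder body, not a real certificate).
const SAMPLE_CA = [
  '-----BEGIN CERTIFICATE-----',
  'Q09OU1RSVUNURUQgUExBQ0VIT0xERVI=',
  '-----END CERTIFICATE-----',
].join('\n');
```

The server certificate's name still has to match the host in the URL (for an IP address such as the one in the answer above, an IP subject alternative name), because hostname checking stays enabled.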