koma75 / crowdutil

Atlassian Crowd utility cli tool
MIT License

cannot connect to https host using custom root CAs #26

Open koma75 opened 10 years ago

koma75 commented 10 years ago

Setting https://testcrowd.example.com/ as the base emits the following error.

events.js:72
        throw er; // Unhandled 'error' event
              ^
Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
    at SecurePair.<anonymous> (tls.js:1367:32)
    at SecurePair.emit (events.js:92:17)
    at SecurePair.maybeInitFinished (tls.js:979:10)
    at CleartextStream.read [as _read] (tls.js:471:13)
    at CleartextStream.Readable.read (_stream_readable.js:340:10)
    at EncryptedStream.write [as _write] (tls.js:368:25)
    at doWrite (_stream_writable.js:225:10)
    at writeOrBuffer (_stream_writable.js:215:5)
    at EncryptedStream.Writable.write (_stream_writable.js:182:11)
    at write (_stream_readable.js:601:24)

koma75 commented 10 years ago

Seems to be an issue with using an original CA server with no publicly known CA in the certificate chain.

After fixing the server side to include a certificate chain, the error changed to the following:


events.js:72
        throw er; // Unhandled 'error' event
              ^
Error: SELF_SIGNED_CERT_IN_CHAIN
    at SecurePair.<anonymous> (tls.js:1367:32)
    at SecurePair.emit (events.js:92:17)
    at SecurePair.maybeInitFinished (tls.js:979:10)
    at CleartextStream.read [as _read] (tls.js:471:13)
    at CleartextStream.Readable.read (_stream_readable.js:340:10)
    at EncryptedStream.write [as _write] (tls.js:368:25)
    at doWrite (_stream_writable.js:225:10)
    at writeOrBuffer (_stream_writable.js:215:5)
    at EncryptedStream.Writable.write (_stream_writable.js:182:11)
    at write (_stream_readable.js:601:24)

This can only be handled by making it possible to read the corresponding root certificate from a local file.

koma75 commented 10 years ago

relates to: https://github.com/dsn/node-atlassian-crowd/issues/8
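
What reading the root certificate from a local file could look like in Node.js, as an added example that is not crowdutil's or node-atlassian-crowd's own code. The function names and the CA bundle path are hypothetical; certificate verification stays enabled and the request's error event is handled rather than left to throw.

```javascript
const fs = require('fs');
const https = require('https');

// Matches each PEM certificate block in a bundle file.
const PEM_CERT = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g;

// Read a PEM bundle from disk and return one string per certificate.
// Throws if the file holds no certificate, so a bad path or an empty file
// cannot silently fall back to the default trust store.
function loadCaBundle(caPath) {
  const certs = fs.readFileSync(caPath, 'utf8').match(PEM_CERT);
  if (!certs) throw new Error('no PEM certificate found in ' + caPath);
  return certs;
}

// Build request options that trust only the CAs in caPath.
// Verification stays on: the private root is added, checks are not disabled.
function tlsOptionsFor(baseUrl, caPath) {
  const url = new URL(baseUrl);
  if (url.protocol !== 'https:') throw new Error('base must be an https URL');
  return {
    hostname: url.hostname,
    port: url.port || 443,
    path: url.pathname,
    ca: loadCaBundle(caPath),
    rejectUnauthorized: true,
  };
}

// Explain the two verification errors quoted in this issue.
function explainTlsError(err) {
  const hints = {
    UNABLE_TO_VERIFY_LEAF_SIGNATURE:
      'issuer of the server certificate is unknown; server may not send its chain',
    SELF_SIGNED_CERT_IN_CHAIN:
      'chain ends in a root that is not trusted; pass that root via the ca option',
  };
  return hints[err.code || err.message] || 'unrecognized TLS error: ' + err.message;
}

// Probe the base URL and report failures through the callback instead of crashing.
function probe(baseUrl, caPath, done) {
  const req = https.get(tlsOptionsFor(baseUrl, caPath), (res) => {
    res.resume();
    done(null, res.statusCode);
  });
  req.on('error', (err) => done(new Error(explainTlsError(err))));
}
```

On Node.js 7.3 and later, the `NODE_EXTRA_CA_CERTS` environment variable adds a PEM file to the default trust store without code changes.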