Hi,

I'm getting the following response from my proxy-chain server:

{ Error: unable to verify the first certificate at TLSSocket.onConnectSecure (_tls_wrap.js:1051:34) at TLSSocket.emit (events.js:189:13) at TLSSocket._finishInit (_tls_wrap.js:633:8) code: 'UNABLE_TO_VERIFY_LEAF_S IGNATURE' }

I have it behind a GCP load balancer - when connecting to it via an instance directly, it runs perfectly fine. However when it's behind a load balancer, something with the intermediate certificate isn't set correctly.

I've seen solutions to this problem using something like:

var rootCas = require('ssl-root-cas/latest').create(); require('https').globalAgent.options.ca = rootCas;

Is it possible to configure proxy-chain like this? I can't find any references to https in the source.

Thanks!

Well, the HTTP proxy only tunnels HTTPS traffic via so-called HTTP CONNECT tunnel, it doesn't view or manipulate the certificates in any way so there really isn't anything to change in the proxy-chain package. Maybe the load balancer is using a self-signed certificate that is not known by your client?