datalust / seq-logging

A Node.js client for the Seq HTTP ingestion API

Not able to use with self-signed certificate

sjorsjes opened this issue

node: 8.7.0,
bunyan: 1.8.12,
bunyan-seq: 0.2.0

I want to log to a local Seq instance which is using a self-signed certificate. The only way to get it working now is to add NODE_TLS_REJECT_UNAUTHORIZED=0 but I want to avoid this at all costs.

Would it be possible to add an option so we could enable (or actually disable) the strictSSL option in the Request library?

Hi Sjors, thanks for getting in touch.

The best option, if it's possible, is to trust your own self-signed certificate; this is the only secure option, since with anything less than full SSL, the traffic between the app and server can be intercepted (i.e. although the connection will be encrypted, there's no way for the app server to know whether it's sending the data to the real log server or a man-in-the-middle).

On macOS and Windows it's fairly easy to add the cert to the trusted certificate list (Certificate Manager on Windows, Keychain Access on macOS). For Linux it will depend on the distro.

If this isn't possible, accepting a secure: false configuration option in the seq.Logger() constructor seems like a reasonable addition, and is definitely an improvement on NODE_TLS_REJECT_UNAUTHORIZED=0. Let me know if you are interested in working through a PR, if you need to take this route 👍

Best regards,
Nick

Hi Nick,

Thanks for your fast response. You pushed me in the right direction and I ended up finding and using NODE_EXTRA_CA_CERTS.
This gives you the option to add the Root CA public key to your env and then everything is (securely) fixed!

Fantastic, thanks for posting the solution 👍
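
An added example, not part of the thread or of the seq-logging project: a startup check for the two environment variables discussed above. Node.js reads NODE_EXTRA_CA_CERTS once at process launch and only emits a warning if the file is missing or malformed, so this function (the name checkTlsTrust is hypothetical) verifies the settings explicitly. It assumes the deployment depends on a private CA, as in this issue.

```javascript
// Matches one PEM-encoded certificate block.
const PEM_CERT = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g;
// Matches PKCS#8, RSA, EC and encrypted private key headers.
const PEM_KEY = /-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----/;

// Returns a list of problems with the TLS trust settings (empty array = OK).
// `readFile` is injectable so the check can be exercised without touching disk.
function checkTlsTrust(
  env = process.env,
  readFile = (p) => require('fs').readFileSync(p, 'utf8')
) {
  const problems = [];

  // The value '0' disables certificate validation for every TLS connection
  // made by the process, not only the connection to the log server.
  if (env.NODE_TLS_REJECT_UNAUTHORIZED === '0') {
    problems.push('NODE_TLS_REJECT_UNAUTHORIZED=0 disables certificate validation');
  }

  // Assumption: the log server's certificate chains to a private CA.
  const caPath = env.NODE_EXTRA_CA_CERTS;
  if (!caPath) {
    problems.push('NODE_EXTRA_CA_CERTS is not set');
    return problems;
  }

  let pem;
  try {
    pem = readFile(caPath);
  } catch (err) {
    problems.push(`NODE_EXTRA_CA_CERTS file is unreadable: ${caPath} (${err.code || err.message})`);
    return problems;
  }

  // Node only warns about a malformed bundle, so check the content here.
  if ((pem.match(PEM_CERT) || []).length === 0) {
    problems.push(`NODE_EXTRA_CA_CERTS file contains no PEM certificate: ${caPath}`);
  }
  // Clients need only the CA certificate; a key here is misplaced secret material.
  if (PEM_KEY.test(pem)) {
    problems.push(`NODE_EXTRA_CA_CERTS file contains a private key: ${caPath}`);
  }
  return problems;
}

// Typical use at startup, before creating the logger:
//   const problems = checkTlsTrust();
//   if (problems.length) throw new Error(problems.join('; '));
```
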