"unable to verify the first certificate" for sites secured by ZeroSSL SSL.

[akashraj9828]

• Version: v12.16.3
• Platform: Linux 8d41b898-2193-40ee-a9ec-f9da8e27d749 4.4.0-1066-aws Add find method to require #70-Ubuntu SMP Sun Apr 12 21:21:15 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

What steps will reproduce the bug?

Try sending any request to an https website secured by ZeroSSL cerificate
eg: here akashraj.tech is using ZeroSSL

const fetch = require("node-fetch")
fetch("https://akashraj.tech").then(a=>console.log(a))

What is the expected behavior?

Request should succeed and return a result.

What do you see instead?

UnhandledPromiseRejectionWarning: FetchError: request to https://akashraj.tech failed, reason: unable to verify the first certificate
    at ClientRequest.<anonymous> (C:\Users\Akash\node_modules\node-fetch\index.js:133:11)
    at ClientRequest.emit (events.js:198:13)
    at ClientRequest.EventEmitter.emit (domain.js:448:20)
    at TLSSocket.socketErrorListener (_http_client.js:392:9)
    at TLSSocket.emit (events.js:198:13)
    at TLSSocket.EventEmitter.emit (domain.js:448:20)
    at emitErrorNT (internal/streams/destroy.js:91:8)
    at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)
    at process._tickCallback (internal/process/next_tick.js:63:19)

I think this might be an issue with the certificate of Zero SSL not being included in Node. I saw an issue ( #4175 ) saying that Node has hardcoded CA certificates too. Maybe updating that might work. idk.

Zero ssl is new replacement for LetsEncrypt free ssl provider

[bnoordhuis]

Try upgrading to v12.18.0, that contains the latest list of CA roots from Mozilla (the list that'll ship in FF 78.)

If that doesn't fix it, you should probably check if Mozilla has plans to include their root certificate.

I'll close this but I can move it to nodejs/help if you have follow-up questions.