Node.js SSL certificate validation issue
UNABLE_TO_VERIFY_LEAF_SIGNATURE
This is a Node.js SSL certificate validation issue. It means Node doesn’t trust the certificate chain from your local Sitecore endpoint (https://sc104sc.dev.local).
Why this happens
- Your Sitecore instance is using a self-signed cert or a cert signed by a local CA
- Node.js doesn’t automatically trust your OS certificate store
- So the HTTPS request fails during SSL verification
Fix options (choose one)
Option 1 — Trust the local root CA (best long-term fix)
If you're using something like mkcert:
- Install the root CA into Node:
- export NODE_EXTRA_CA_CERTS=/path/to/rootCA.pem
- Then restart your dev server
This keeps SSL validation intact (recommended)
Option 2 — Disable SSL verification (quick dev-only fix)
Set this env variable:
export NODE_TLS_REJECT_UNAUTHORIZED=0
Or on Windows:
set NODE_TLS_REJECT_UNAUTHORIZED=0
Warning: This disables SSL security entirely — only use locally.
Option 3 — Pass custom HTTPS agent in code
If you're using fetch (Node):
import https from "https";
const agent = new https.Agent({
rejectUnauthorized: false,
});
fetch("https://sc104sc.dev.local/...", { agent });
Option 4 — Install cert into Node manually
If you have the .crt file:
NODE_EXTRA_CA_CERTS=./sitecore.crt npm run dev
Quick sanity checks
- Open https://sc104sc.dev.local in your browser
- If you see a warning → cert isn’t trusted
- If browser works but Node fails → classic Node CA issue
Recommendation
Use Option 1 (NODE_EXTRA_CA_CERTS) if:
- you're working in a proper local dev setup (Sitecore XM/XP, containers, etc.)
Use Option 2 only if:
- you just need to unblock quickly