This error has suddenly started occurring on all my servers, and despite trying everything suggested here, I haven't been able to resolve it. The issue persists regardless of the URL I attempt to access, including 'google.com', for instance. My environment consists of Windows Server 2019 and Node.js version 21.7.3. I've attempted making requests using both Axios and Node-fetch, but encountered the same error with both. Surprisingly, when using 'CURL', everything functions as expected. Below is an example of the code I've been working with.

const axios = require('axios');
axios.get('https://google.com')
  .then(function (response) {
    console.log(response);
  })
  .catch(function (error) {
    console.log(error);
  });

After hours of troubleshooting, I can confirm this is the recent Eset Internet Security update.

The issue in my Node app appeared like this:

Error occurred while trying to proxy request /elastic from localhost:8080 to https://myserver.example (UNABLE_TO_VERIFY_LEAF_SIGNATURE)

What has helped in my case - settings of Eset Internet Security:

1. Select Internet protection
2. Open SSL/TLS submenu on the left
3. Check rules for applications and certificates.
4. If any of the certificate is blocked or set to "Automatic", change it to "Allowed" and "Scan action" change to ignore. Do this for certificates and urls you know. My problem was with a development stage server.

Alternative solution: Turn "Enable HTTPS traffic scanning" completely off.

1000 Thanks to Peter Matisko, shobidobi, jkaos92!

Attention: As far as I checked, this problem is only with those of you which has ESET on your computer!

Follow these steps in the new update and you can find the right place to disable/fix the SSL/TLS issue:

1. Open ESET
2. Go to the Setup tab from the side menu
3. Click on the Network
4. Click on one of the ⚙️ buttons on the right side
5. Go to the SSL/TLS tab from the side menu
6. Keep SSL enabled and click on Edit on Application Scan Rules
7. Add node (node.exe) to the exception (label : "ignore").

For those of you who are using GitHub Copilot and faced the same issue (First Certificate), follow these steps to fix it:

1. Open ESET

2. Go to the Setup tab from the side menu

3. Click on the Network

4. Click on one of the ⚙️ buttons on the right side

5. Go to the SSL/TLS tab from the side menu

6. Click on Edit on Certificate Rules

7. Click on Add button

8. Click on URL

9. Then add these 2 URLs (separately):

   a. https://copilot-proxy.githubusercontent.com

   b. https://api.githubcopilot.com

10. In the Scan action, select Ignore

Source: GitHub Docs

Unlike the respondents above, I did not find this limited to those using ESET; it happened to me in two environments, neither of which were running ESET.

As explained in [https://www.codewithyou.com/blog/how-to-use-axios-to-handle-ssltls-certificate-verification-errors-in-nodejs]this article, the error indicates that "your application is unable to verify the SSL/TLS certificate presented by the server".

The article goes on to suggest the option of turning off a security setting in axios by passing it a custom httpAgent, e.g.:

const axios = require('axios'); // standard axios
const https = require('https'); // added for this workaround

const agent = new https.Agent({ // this block added for the workaround
  rejectUnauthorized: false,
})

axios
  .get('https://example.com', {
    httpsAgent: agent,          // this option added for the workaround
  })
  .then ...

This solution worked for me. I hope it will help someone else as well.