I'm following online examples using the latest version of nodejs and http-proxy, but get the following error when my request is sent to the endpoint https server:

C:\Users\Me\node_modules\http-proxy\lib\http-proxy\index.js:114
throw err;       
Error: DEPTH_ZERO_SELF_SIGNED_CERT
at SecurePair.<anonymous> (tls.js:1370:32)
at SecurePair.EventEmitter.emit (events.js:92:17)
at SecurePair.maybeInitFinished (tls.js:982:10)
at CleartextStream.read [as _read] (tls.js:469:13)
at CleartextStream.Readable.read (_stream_readable.js:320:10)
at EncryptedStream.write [as _write] (tls.js:366:25)
at doWrite (_stream_writable.js:226:10)
at writeOrBuffer (_stream_writable.js:216:5)
at EncryptedStream.Writable.write (_stream_writable.js:183:11)
at write (_stream_readable.js:582:24)

My code is very simple:

var httpProxy = require('http-proxy');
var http = require('http');
var fs = require('fs');

var apimcert = fs.readFileSync('./mycert.pfx');
var proxy = httpProxy.createProxyServer({});

var options = {
  pfx: apimcert,
  passphrase : 'pAssw0rd',
  rejectUnauthorized : 'false',
  agent: false
};

var server = require('https').createServer(options, function(req, res) {
  console.log("Got a request " + req);
  proxy.web(req, res, {
      ssl: {
        pfx : apimcert,
        passphrase : 'pAssw0rd',
        rejectUnauthorized : 'false'

        //strictSSL: false
      },
      target: 'https://endpointhost:9443/postev',  
      secure: true       
  }

  );
});

console.log("listening on port 9442")
server.listen(9442);

If I set secure : false then the request does get forwarded to the endpoint, but obviously gets sent back with a 403 forbidden response. The certificate and passphrase I'm using are the ones from my endpoint server, and I've tested that they do work when sending the request directly. All I want my proxy to do is to examine the contents of the requests, log a message for each one, and then forward to the endpoint server.

I've googled this problem and tried fiddling around with agents and strictSSL, but to no avail.

I'm using Ant design prowith umi. just add this secure: false, to proxy.ts

proxy: {
  '/myapi': {
      target: 'https://localhost:8443',
      changeOrigin: true,
      secure: false, // 不进行证书验证
    },

umi will auto reload config, just fresh the browser and all good.

Try passing {rejectUnauthorized: false} to httpProxy.createProxyServer()

react create app

file package.json

``` "proxy": {

"/credit": {
  "target": "https://xxxx.com",
  "changeOrigin": true,
  "secure": false
}

} ```

In Nuxt.js when connecting to an API with a self-signed cert, adding this entry to .env will fix the "DEPTH_ZERO_SELF_SIGNED_CERT" error.

NODE_TLS_REJECT_UNAUTHORIZED=0

I had the same issue - if you look at the http-node-proxy source you'll see it actually sets rejectUnauthorized based on your secure setting in the options:

if (options[forward || 'target'].protocol == 'https:') { outgoing.rejectUnauthorized = (typeof options.secure === "undefined") ? true : options.secure; }

So you can actually easily set rejectUnauthorized to false by just passing secure: false in your call to httpProxy.createProxyServer.

the easy way is just adding this in your code ,

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

that solved my problem