reactjs - add custom ca-bundle to next.js for server side calls

Question

I have my site domain.com hosted on Vercel. The next.js application talks to a Laravel API deployed at a subdomain.domain.com on AWS for server-side rendering. I bought a separate SSL certificate for the wildcard domains and added the CAA entries to the DNS for the CA authorities. I see the certificate verified and working fine in the browsers. However, the server-side rendering requests were failing with the following error (local development connecting to the API hosted at subdomain)

event - build page: /user/[profile_id]
wait  - compiling...
event - compiled successfully
Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (_tls_wrap.js:1321:34)
    at TLSSocket.emit (events.js:210:5)
    at TLSSocket._finishInit (_tls_wrap.js:794:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:608:12) {
  code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
  config: {
    url: 'https://subdomain.domain.com/api/account/john-doe',
    method: 'get',
    headers: {
      Accept: 'application/json',
      Authorization: '',
      token: '',
      'User-Agent': 'axios/0.21.1'
    },
    .
    .

I came across this package ssl-root-cas, and the issue is fixed (local development) and the pages load fine. added this snippet to next.config.js

'use strict';
var rootCas = require('ssl-root-cas').create();
rootCas.addFile(__dirname + '/domain.ca-bundle');
// default for all https requests
// (whether using https directly, request, or another module)
require('https').globalAgent.options.ca = rootCas;

However, this doesn't seem to be working when I deploy to my staging site on Vercel. My guess is Vercel doesn't have the domain.ca-bundle file? The file is added to the git version control, so should exist in the codebase when the build is generated.

question from:https://stackoverflow.com/questions/66045858/add-custom-ca-bundle-to-next-js-for-server-side-calls

Answer 1

Waitting for answers