Registering Certificate Bundles in Node.js - Amazon SDK for JavaScript
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

We announced the upcoming end-of-support for Amazon SDK for JavaScript v2. We recommend that you migrate to Amazon SDK for JavaScript v3. For dates, additional details, and information on how to migrate, please refer to the linked announcement.

Registering Certificate Bundles in Node.js

The default trust stores for Node.js include the certificates needed to access Amazon services. In some cases, it might be preferable to include only a specific set of certificates.

In this example, a specific certificate on disk is used to create an https.Agent that rejects connections unless the designated certificate is provided. The newly created https.Agent is then used to update the SDK configuration.

var fs = require('fs');
var https = require('https');
var certs = [
  fs.readFileSync('/path/to/cert.pem')
];
    
AWS.config.update({
  httpOptions: {
    agent: new https.Agent({
      rejectUnauthorized: true,
      ca: certs
    })
  }
});