Self-Signed Certificate Error in GitHub Actions 

You will get the following problem when attempting to check out a repository from a URL with a self-issued certificate or a certificate certified by an untrusted certificate authority (CA):

request to <URL> failed, reason: self signed certificate in certificate chain

In this note, I'll explain how to add trusted CA certificates to resolve the self-signed certificate error in GitHub Actions.

If you use GitHub Actions with self-hosted runners, you can resolve the “self signed certificate in certificate chain” error by starting the runner with the NODE_EXTRA_CA_CERTS environment variable that should point to a file with the CA certificates, for example:

$export NODE_EXTRA_CA_CERTS="/etc/pki/ca-trust/source/anchors/squid-ca-cert.crt"

Then run "./run.sh"

 If you have configured the self-hosted runner application as a service, the NODE_EXTRA_CA_CERTS environment variable can be set in the service file as follows:

$ vi /etc/systemd/system/actions.runner._services.hostname.service
$ cat /etc/systemd/system/actions.runner._services.hostname.service
[Unit]
Description=GitHub Actions Runner (_services.hostname)
After=network.target

[Service]
ExecStart=/opt/github/actions-runner/2.289.3/runsvc.sh
WorkingDirectory=/opt/github/actions-runner/2.289.3
KillMode=process
KillSignal=SIGTERM
TimeoutStopSec=5min
Environment="NODE_EXTRA_CA_CERTS=/etc/pki/ca-trust/source/anchors/squid-ca-cert.crt"

[Install]
WantedBy=multi-user.target

$ systemctl daemon-reload
$ systemctl restart actions.runner._services.hostname.service