webosbrew
Fix CA certificates
The node binary contains a built-in set of trusted CA certificates that never gets updated. Therefore, Node.js services are stuck using whatever certs were bundled when that potentially ancient Node version was released.
Newer versions of Node.js (on webOS 5+) support the --use-openssl-ca option, which makes node use /etc/ssl/certs instead of its own bundle—but that doesn't help us on older versions. Indeed, there doesn't seem to be a clean way to fix this globally on Node 0.10.x and 0.12.x. So, I ended up creating a wrapper around fetch() that controls what certificates it trusts.
All PEM certs in <service dir>/certs will be treated as trusted. I have included the Mozilla CA cert bundle from curl, but users can also add additional certs. If people don't think that's useful, I could simplify the code by just loading a single file (which users could still modify). We could also theoretically just embed the certs in a JS file and avoid the "parsing" part altogether, but that would significantly reduce flexibility.
While testing this on webOS 1, I was able to download and install Kodi and apps hosted on GitHub. It could use more testing on other webOS versions. It's not perfect, but I'm tired. And I want to get a release out this year.
