I looked into the source code of mqtt.js and found that TLS related options are really just forwarded to "node:tls" module's tls.connect(opt) method, so the docs you wanna consult are here:
After reading, it just makes me wonder: where did you got the impression that these are valid options to pass into mqtt.connectAsync({ caPaths, certPath, keyPath })? 👈 Those 3 fields doesn't exist in docs of MQTT.js nor Node.js...
So I think @hardillb's answer is on the right track after all, not sure what's still missing that prevents it to work, but read the docs ™️ please.
Telling from the node.js docs, obviously you can simply pass in rejectUnauthorized: false to mute the error:
await mqtt.connectAsync(
'mqtts://localhost:8883',
{
protocol: 'mqtts',
rejectUnauthorized: false
}
)
Although you said in your question updates "Option 1: No, I cannot do that", it's not clear whether you just don't accept this solution, or you simply mean you cannot set NODE_TLS_REJECT_UNAUTHORIZED="0" globally but are still open to set it in one instance, thus I'm post this solution anyways, it's up to you.
As of "Option 2: I cannot do that as I use MQTT." Nay, in fact you can, because no matter you're using mqtt.js or postman, those options are passed into "node:tls" under the hood.