HttpError: request to enterprise github API with self-signed certificate - unable to verify the first certificate

[crackitty]

When working on a project in an enterprise github instance with a self-signed certificate, I get the following output.

Creating annotations for /home/runner/actions-runner/_work/demo-api/demo-api/build/reports/checkstyle/main.xml
Creating annotations for /home/runner/actions-runner/_work/demo-api/demo-api/build/reports/checkstyle/test.xml
Uploading 0 / 0 annotations to GitHub as Checkstyle with conclusion success
Error: HttpError: request to https://github.company.local/api/v3/repos/Organization/demo-api/commits/eebc1a4ba7aedc7000ae18a04d52207653c33eac/check-runs failed, reason: unable to verify the first certificate

So, the action does the first part fine, but when it attempts to communicate with the server, it gets this error.

The runner is a self-hosted runner on Ubuntu and the certificate for the github.company.local address is installed under /etc/ssl/certs. I have the following environment var set in the workflow

env:
  SSL_CERT_DIR: "/etc/ssl/certs"

This gets picked up by the other actions like Java and the Gradle build that runs to produce the checkstyle reports.

I tried adding another environment variable for node:

  NODE_EXTRA_CA_CERTS: "/etc/ssl/certs/wildcard.company.pem"

But to no avail.

Is there something I missed?