LuminateOnline CA Certificates

We are trying to build out an integration for a LuminateOnline client and we are attempting to call their LuminateOnline APIs from a Node.js backend server. We have found that when we call the APIs without specifying any custom root or intermediate certificates, we get an UNABLE_TO_VERIFY_LEAF_SIGNATURE error.

Only when we explicitly add both the intermediate and root certificates to the http client does the requests work. This seems weird that the root and intermediate CAs that you use are not included by default in the well known CA certificates for our Node v18 runtime. This means that when the CA certificates are rotated/changed on the Luminate side, we also need to update the certs on our end which I believe introduces an unnecessary dependency. The root certificate is the DigiCert Global Root CA and the intermediate certificate is the DigiCert TLS RSA SHA256 2020 CA1.

Note that this problem seems to be specific to the Node.js runtime as most browser clients automatically have the right certificates to establish the TLS connection. This seems to be related to this:

Based on my understanding of certificate chains, the Intermediate Certificate is not installed on the server it may prevent some browsers, mobile devices, or applications from trusting the SSL/TLS certificate. So in order to make the SSL/TLS certificate compatible with all clients, it is necessary that the Intermediate Certificate (ICA) be installed. This seems like a problem on the LuminateOnline servers.

Separately, we also need to specify the following argument in our http client to establish the TLS connection: SSL_OP_LEGACY_SERVER_CONNECT. Our process is using the OpenSSL 3.0 library. Is this expected?