TLS requires certificate verification, and an essential part of this is verification that a certificate was issued by a pre-known “trusted” certificate authority (CA).
Browsers have the well-known certificates of reliable certificate authorities built in, as well as the certificates of some known unreliable authorities. So does Node.js, but we don't attempt to curate our own list; we use Mozilla's because they have a well-defined policy for managing it.
This generally works well: it doesn't require explicit configuration by Node.js users, Node.js trusts the same CAs across platforms and environments, and its behaviour is generally consistent with browsers.
As of Node.js 7.3.0 (and the LTS versions 6.10.0 and 4.8.0) it is now possible to add extra well-known certificates to Node.js with an environment variable. This can be useful in cloud or other deployment environments to add trusted certificates as a matter of policy (as opposed to explicit coding), or on personal machines, for example, to add the CAs for proxy servers.