Based on a few tweets pointing to node.js-related forum threads, I think know where the problem might be as well as a possible solution:
var options = require('url').parse(/**String*/ url );
options.rejectUnauthorized =false;
options.agent =new https.Agent( options );
https.get(/**Object*/ options,function( res ){
// handle response & body
}).on('error',function( e ){
// handle errors
}).end();
Unfortunately, I have no idea where in the over 1000 .js files included in the AppBuilder code drop, this change would be necessary.