npmrc is the configuration file that npm allows to be used globally or user level or project level to optimize your npm environment.
Built-in npm config file: /path/to/npm/npmrc.
A quick solution from the internet search was npm config set strict-ssl false
, luckily it worked. But as a part of my work environment, I am restricted to set the strict-ssl flag to false.
Later I found a safe and working solution,
npm config set registry http://registry.npmjs.org/
this worked perfectly and I got a success message Happy Hacking!
by not setting the strict-ssl flag to false.
what may be happening is your company decrypts certain traffic and re-encrypts it with their certificate (which you probably already have in your keychain or trusted root certificates)
if you're using node 7 or later I've found this fix to be compatible with node and node-gyp (for Windows you'll need to do this differently, but you basically just need to add this environment variable):
export NODE_EXTRA_CA_CERTS="absolute_path_to_your_certificates.pem"
(in Windows you may need to remove the quotes)
the pem file can have multiple certificates: https://nodejs.org/api/cli.html#cli_node_extra_ca_certs_file
make sure your certificates are in proper pem format (you need real line breaks not literal \n
)
I couldn't seem to get it to work with relative paths (.
or ~
)
This fix basically tells npm and node-gyp to use the check against the regular CAs, but also allow this certificate when it comes across it
Ideally you would be able to use your system's trusted certificates, but unfortunately this is not the case.
Changing the NPM repo URL to HTTP works as a quick-fix, but I wanted to use HTTPS.
In my case, the proxy at my employer (ZScaler) was causing issues (as it acts as a MITM, causing certification verification issues)
I forgot I found a script that helps with this and Git (for cloning GitHub repos via HTTPS had the same issue) and forked it for my use
Basically, it does the following for git:
git config --global http.proxy http://gateway.zscaler.net:80/
git config --system http.proxy http://gateway.zscaler.net:80/
and for Node, it adds proxy=http://gateway.zscaler.net:80/
to the end of c:\Users\$USERNAME\npm\.npmrc
That solved the issue for me.
After trying out every solution I could find:
npm config set strict-ssl=false
npm config set registry http://registry.npmjs.org/
npm config set cafile /path/to/your/cert.pem
set NODE_TLS_REJECT_UNAUTHORIZED=0
The solution that seems to be working the best for me now is to use the NODE_EXTRA_CA_CERTS environment variable which extends the existing CAs rather than replacing them with the cafile option in your .npmrc file. You can set it by entering this in your terminal: NODE_EXTRA_CA_CERTS=path/to/your/cert.pem
Of course, setting this variable every time can be annoying, so I added it to my bash profile so that it will be set every time I open terminal. If you don’t already have a ~/.bash_profile
file, create one. Then at the end of that file add export NODE_EXTRA_CA_CERTS=path/to/your/cert.pem
. Then, remove the cafile setting in your .npmrc.
Had the same error. Looks like it is related to SSL certificates. If you are using NPM for public packages (don't need the security of HTTPS) you can turn off strict SSL key validation with the following command.
This might be the simplest fix if you're just looking to install a few publicly available packages one time.
npm config set strict-ssl=false
npm config set registry http://registry.npmjs.org/
If this code trick didn't work for you then try to run your application from home directory.. It worked for me.
Trust me, this will work for you:
npm config set registry http://registry.npmjs.org/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With