Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Npm SELF_SIGNED_CERT_IN_CHAIN on Azure

Tags:

node.js

npm

azure

Since npm dropped support for self signed certs yesterday, I can no longer install any packages from npm running on Windows Azure.

On my local machine I could solve the issue by applying this official fix. However, I couldn't find a way to fix the problem on my site instance. Any ideas?

like image 484
Bruno Faria Avatar asked Feb 28 '14 15:02

Bruno Faria


People also ask

What is Self_signed_cert_in_chain?

The error SELF_SIGNED_CERT_IN_CHAIN means that you have self signed certificate in certificate chain which is basically not trusted by the system.

How do I turn off strict SSL?

In the Internet Options window on the Advanced tab, under Settings, scroll down to the Security section. In the Security section, locate the Use SSL and Use TLS options and uncheck Use SSL 3.0 and Use SSL 2.0. If they are not already selected, check Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2.

What is npm Azure?

Network Performance Monitor (NPM) is a cloud-based network monitoring solution that monitors connectivity between Azure cloud deployments and on-premises locations (Branch offices, etc.). NPM is part of Azure Monitor logs.

How do I make strict SSL false in npm?

Setting strict-ssl=false should workaround this. The corporate root CA is trusted locally (Windows and Mac keychain etc) but for npm we add a custom certificate bundle via npm config set cafile … and strict-ssl=false as a workaround.


2 Answers

Until we update NPM on Azure, one simple way to work around this is to create a custom deployment script (info here).

Here is a sample repo that demonstrates what to customize: https://github.com/davidebbo-test/AzureNpmCertWorkaround. Specifically, look at this commit, which uses the npm config set ca "" workaround.

If you don't want to deal with generating a custom deployment script using the Azure tool, you can simply grab the .deployment and the deploy.cmd from the test repo, and commit them to the root of your repo.

like image 28
David Ebbo Avatar answered Oct 26 '22 23:10

David Ebbo


Since yesterday (Feb 27, 2014) NPM doesn't support self signed certificates anymore: http://blog.npmjs.org/post/78085451721/npms-self-signed-certificate-is-no-more

The solution: either

Upgrade your version of npm

npm update -g

-- or --

Tell your current version of npm to use known registrars

npm config set ca=""

-- or ---

As last resort resolution I don't suggest this for security issues, using SSL is always safer, switch your registry to use HTTP instead of HTTPS:

npm config set registry="http://registry.npmjs.org/"

like image 123
Maxime Poulin Avatar answered Oct 26 '22 23:10

Maxime Poulin