I am using npm v1.0.104/node 0.6.12 on ubuntu - I am receiving the error copied below while attempting to install any new modules via npm (I tested socket.io earlier using http, not https though & am wondering if that could have resulted in the issue with npm/unsigned certs). The error pops up once npm tries to resolve the 'https://registry.npmjs.org' URL. Is there anyway I can ignore the error or perhaps locate/add the cert to a trusted store in order to continue using npm.
Any insight on what needs to be done to resolve the issue will be appreciated (I would prefer to resolve the issue through configuration as opposed to re-installing if possible).
Error: "Error: SSL Error: SELF_SIGNED_CERT_IN_CHAIN"
Full Message:
npm ERR! Error: SSL Error: SELF_SIGNED_CERT_IN_CHAIN npm ERR! at ClientRequest.<anonymous> (/usr/lib/node_modules/npm/node_modules/request/main.js:252:28) npm ERR! at ClientRequest.emit (events.js:67:17) npm ERR! at HTTPParser.onIncoming (http.js:1261:11) npm ERR! at HTTPParser.onHeadersComplete (http.js:102:31) npm ERR! at CleartextStream.ondata (http.js:1150:24) npm ERR! at CleartextStream._push (tls.js:375:27) npm ERR! at SecurePair.cycle (tls.js:734:20) npm ERR! at EncryptedStream.write (tls.js:130:13) npm ERR! at Socket.ondata (stream.js:38:26) npm ERR! at Socket.emit (events.js:67:17) npm ERR! Report this *entire* log at: npm ERR! <http://github.com/isaacs/npm/issues> npm ERR! or email it to: npm ERR! <[email protected]> npm ERR! npm ERR! System Linux 2.6.38-13-generic npm ERR! command "node" "/usr/bin/npm" "install" "jed" npm ERR! node -v v0.6.12 npm ERR! npm -v 1.0.104
Solutions: Use wget https://registry.npmjs.org/coffee-script --ca-certificate=./DigiCertHighAssuranceEVRootCA. crt to fix wget problem. Use npm config set cafile /path/to/DigiCertHighAssuranceEVRootCA.
Most of these tools have an option to disable strict SSL certificate checking, which let you get around the problem: npm config strict-ssl false. git config --global http. sslverify false.
Running the following helped resolve the issue:
npm config set strict-ssl false
I cannot comment on whether it will cause any other issues at this point in time.
As of February 27, 2014, npm no longer supports its self-signed certificates. The following options, as recommended by npm, is to do one of the following:
Upgrade your version of npm
npm install npm -g --ca=""
-- OR --
Tell your current version of npm to use known registrars
npm config set ca ""
Update: npm has posted More help with SELF_SIGNED_CERT_IN_CHAIN and npm with more solutions particular to different environments
sudo
to the recommendations. It seems that people are having issues using npm's recommendations, so here are some other potential solutions.
Upgrade Node itself
Receiving this error may suggest you have an older version of node, which naturally comes with an older version of npm. One solution is to upgrade your version of Node. This is likely the best option as it brings you up to date and fixes existing bugs and vulnerabilities.
The process here depends on how you've installed Node, your operating system, and otherwise.
Update npm
Being that you probably got here while trying to install
a package, it is possible that npm install npm -g
might fail with the same error. If this is the case, use update
instead. As suggested by Nisanth Sojan:
npm update npm -g
Update npm alternative
One way around the underlying issue is to use known registrars, install, and then stop using known registrars. As suggested by jnylen:
npm config set ca "" npm install npm -g npm config delete ca
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With