receiving error Error SSL Error SELF SIGNED CERT IN CHAIN while using npm

Question

I am using npm v1 0 104 node 0 6 12 on ubuntu - I am receiving the error copied below while attempting to install any new modules via npm  I tested socket io earlier using http  not https though  amp  am wondering if that could have resulted in the issue with npm unsigned certs    The error pops up once npm tries to resolve the  https   registry npmjs org  URL   Is there anyway I can ignore the error or perhaps locate add the cert to a trusted store in order to continue using npm    Any insight on what needs to be done to resolve the issue will be appreciated  I would prefer to resolve the issue through configuration as opposed to re-installing if possible       Error   Error  SSL Error  SELF SIGNED CERT IN CHAIN    Full Message   npm ERR  Error  SSL Error  SELF SIGNED CERT IN CHAIN npm ERR      at ClientRequest  lt anonymous gt    usr lib node modules npm node modules request main js 252 28  npm ERR      at ClientRequest emit  events js 67 17  npm ERR      at HTTPParser onIncoming  http js 1261 11  npm ERR      at HTTPParser onHeadersComplete  http js 102 31  npm ERR      at CleartextStream ondata  http js 1150 24  npm ERR      at CleartextStream  push  tls js 375 27  npm ERR      at SecurePair cycle  tls js 734 20  npm ERR      at EncryptedStream write  tls js 130 13  npm ERR      at Socket ondata  stream js 38 26  npm ERR      at Socket emit  events js 67 17  npm ERR  Report this  entire  log at  npm ERR       lt http   github com isaacs npm issues gt  npm ERR  or email it to  npm ERR       lt npm- googlegroups com gt  npm ERR   npm ERR  System Linux 2 6 38-13-generic npm ERR  command  node    usr bin npm   install   jed  npm ERR  node -v v0 6 12 npm ERR  npm -v 1 0 104

User · Answer

The repository no longer supports self-signed certificates. You need to upgrade npm.

// Disable the certificate temporarily in order to do the upgrade
npm config set ca ""

// Upgrade npm. -g (global) means you need root permissions; be root 
// or prepend `sudo`
sudo npm install npm -g

// Undo the previous config change
npm config delete ca

// For Ubuntu/Debian-sid/Mint, node package is renamed to nodejs which 
// npm cannot find. Fix this:
sudo ln -s /usr/bin/nodejs /usr/bin/node

You need to open a new terminal session in order to use the updated npm.

Source: This was originally an edit on jnylen's answer. Although the guidelines say "We welcome all constructive edits, but please make them substantial," the edit was rejected due to "This edit changes too much in the original post; the original meaning or intent of the post would be lost." I guess the community prefers a separate answer.

User · Answer

As of February 27  2014  npm no longer supports its self-signed certificates  The following options  as recommended by npm  is to do one of the following   Upgrade your version of npm  npm install npm -g --ca      -- OR --  Tell your current version of npm to use known registrars  npm config set ca      Update  npm has posted More help with SELF SIGNED CERT IN CHAIN and npm with more solutions particular to different environments    You may or may not need to prepend sudo to the recommendations      Other options  It seems that people are having issues using npm s recommendations  so here are some other potential solutions   Upgrade Node itself Receiving this error may suggest you have an older version of node  which naturally comes with an older version of npm  One solution is to upgrade your version of Node  This is likely the best option as it brings you up to date and fixes existing bugs and vulnerabilities   The process here depends on how you ve installed Node  your operating system  and otherwise   Update npm Being that you probably got here while trying to install a package  it is possible that npm install npm -g might fail with the same error  If this is the case  use update instead  As suggested by Nisanth Sojan   npm update npm -g   Update npm alternative One way around the underlying issue is to use known registrars  install  and then stop using known registrars  As suggested by jnylen   npm config set ca    npm install npm -g npm config delete ca

User · Answer

For those who on a mac with the same issue and installed npm via homebrew    brew uninstall npm   then  brew install npm   Works for me on osx  10 9 1   EDIT  You may need to brew update before installing npm  You can also do a brew upgrade after updating homebrew   Also it might be helpful to run brew doctor if you run into any other issues

User · Answer

Putting this before the command seems to work NODE TLS REJECT UNAUTHORIZED 0  ex  NODE TLS REJECT UNAUTHORIZED 0 npm      It would be best to figure out how to make node see self signed certificate as valid   strict-ssl suggestion above didn t work for me for some reason   If you understand the security implications and need a temporary quick fix  this is what I found in some random github issues during Google search of the error

User · Answer

Running the following helped resolve the issue  npm config set strict-ssl false  I cannot comment on whether it will cause any other issues at this point in time

User · Answer

Uninstall NPM and install it again   As of February 27  2014 npm no longer supports its self-signed certificates  http   blog npmjs org post 78085451721 npms-self-signed-certificate-is-no-more  The link above suggests upgrading NPM using NPM  This also fails with SELF SIGNED CERT IN CHAIN

User · Answer

Turning off SSL seems like a profoundly bad idea  npm s blog explains that they no longer support their self-signed cert  They suggest upgrading npm via npm install npm -g  but I of course got the same SELF SIGNED CERT IN CHAIN error  So I just updated node  which updated npm along with it  Exact procedure depends on how you installed node in the first place

User · Answer

npm config set strict-ssl false -g   To save it globally

User · Answer

For now I just switched registry URL from https to http  Like this   npm config set registry  http   registry npmjs org

User · Answer

You need to upgrade npm      Do this first  or the upgrade will fail npm config set ca     npm install npm -g     Undo the previous config change npm config delete ca   You may need to prefix those commands with sudo   Source  http   blog npmjs org post 78085451721 npms-self-signed-certificate-is-no-more

User · Answer

Quick and clean solution  linux tested   After fatidic February 27  2014     Uninstall npm  npm rm npm -g   Install npm  new URL is www npmjs org instead npmjs org   curl https   www npmjs org install sh   sh   Tip  how to install node js in linux https   stackoverflow com a 22099363 333061

User · Answer

just for development in windows  Env NODE TLS REJECT UNAUTHORIZED 0

User · Answer

The error SELF SIGNED CERT IN CHAIN means that you have self signed certificate in certificate chain which is basically not trusted by the system  If that happens  basically something fishy is going on  therefore as people already commented  it is not recommended to just disable certificate checks  but better approach is to understand what is the problem and fix the cause of it  This maybe related either to   custom repository address which doesn t have the right certificate   a corporate network with transparent proxy  If you re behind a corporate web proxy  you should set-up the proper HTTP PROXY HTTPS PROXY environment variables or set them via npm    npm config set proxy http   proxy company com 8080   npm config set https-proxy http   proxy company com 8080  See  How to setup Node js and Npm behind a corporate web proxy   If you trust the host  you can export the self-signed certificate from the chain and import them into system  so they re marked as trusted  This can be achieved by checking the certificates by  change example com into npm repo which is failing based on the npm-debug log   openssl s client -showcerts -connect example com 443  lt   dev null  then save the certificate content  between BEGIN and END  into  crt file in order to import it  Linux As per suggestion  you can add the below to the  etc environment file  Node 7 4   to export your CA chain  like  NODE EXTRA CA CERTS  etc pki ca-trust source anchors yourCer  ts pem  CentOS On CentOS 5 this can be appended into  etc pki tls certs ca-bundle crt file  e g  ex   g BEGIN CERTIFICATE   END CERTIFICATE p   lt  echo   openssl s client -showcerts -connect example com 443  -scq   sudo tee -a  etc pki tls certs ca-bundle crt sudo update-ca-trust force-enable sudo update-ca-trust extract npm install  Note  To export only first certificate  remove g at the beginning  In CentOS 6  the certificate file can be copied to  etc pki ca-trust source anchors   Ubuntu Debian In Ubuntu Debian  copy CRT file into  usr local share ca-certificates   then run  sudo update-ca-certificates  macOS In macOS you can run  sudo security add-trusted-cert -d -r trustRoot -k  Library Keychains System keychain   foo crt  Windows In Windows  certutil -addstore -f  quot ROOT quot  new-root-certificate crt  See also  npm - Troubleshooting - SSL Error

[node.js] receiving error: 'Error: SSL Error: SELF_SIGNED_CERT_IN_CHAIN' while using npm

Examples related to node.js

Examples related to ssl-certificate

Examples related to npm