Home > Software engineering >  Node 16: npm rejects trusted self-signed certificate
Node 16: npm rejects trusted self-signed certificate

Time:11-05

I am trying to use npm install behind a proxy that intercepts HTTPS connections with a custom CA certificate. I am using Node 16.

The command always fails with:

3023 error code SELF_SIGNED_CERT_IN_CHAIN
3024 error errno SELF_SIGNED_CERT_IN_CHAIN
3025 error request to https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz failed, reason: self signed certificate in certificate chain

I have marked the CA certificate as trusted by the system -- curl -vvv -I https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz succeeds without certificate verification errors.

I have also exported NODE_EXTRA_CA_CERTS=/path/to/my-ca-cert.crt. I think this was key with Node 12 but does not appear to work anymore.

I have also tried passing --use-openssl-ca but observe no change.

I do not want to disable all certificate validation, I just want npm to trust my CA.

CodePudding user response:

This worked to have npm trust the certificates that the system trusts.

export npm_config_cafile=/etc/ssl/certs/ca-certificates.crt 
  • Related