I am trying to use npm install
behind a proxy that intercepts HTTPS connections with a custom CA certificate. I am using Node 16.
The command always fails with:
3023 error code SELF_SIGNED_CERT_IN_CHAIN
3024 error errno SELF_SIGNED_CERT_IN_CHAIN
3025 error request to https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz failed, reason: self signed certificate in certificate chain
I have marked the CA certificate as trusted by the system -- curl -vvv -I https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz
succeeds without certificate verification errors.
I have also exported NODE_EXTRA_CA_CERTS=/path/to/my-ca-cert.crt
. I think this was key with Node 12 but does not appear to work anymore.
I have also tried passing --use-openssl-ca
but observe no change.
I do not want to disable all certificate validation, I just want npm
to trust my CA.
CodePudding user response:
This worked to have npm
trust the certificates that the system trusts.
export npm_config_cafile=/etc/ssl/certs/ca-certificates.crt