Currently we need to ignore the strict-ssl false configuration from our .npmrc file in order to have secure connection to our private npm registry hosted in Jfrog.
I tried pointing the cert.pem file by using npm config set cafile and also
export NODE_EXTRA_CA_CERTS= both does not work.
Nodejs 12.
Could anyone please help me to solve this issue as im getting blocked a long time due to this.
You can just use:
set NODE_EXTRA_CA_CERTS="path to yourrootcertificate.pem or yourrootcertificate.cer>"
or
npm config set cafile "path toyourrootcertificate.pem or yourrootcertificate.cer"
Related
Today I received the following error in my node js express server: unable to get local issuer certificate.
After some research I found out, that the expression process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; allows any unauthorized certificates. This works, but I would like to add a certificate to my service.
So I found this ticket/ answer (https://stackoverflow.com/a/44726189/17330227) which explains how to add a certificate. I have done the steps one by one and am now stuck on the last one. You have to insert the certificate under cafile. For this I used the command npm config set cafile "C:\Users\...\Certificate.cer". Unfortunately I got the initial error message again and looked at the changes with npm config ls -l. At the entry cafile it says the following ; cafile = null ; overridden by user. Furthermore I get the following output cafile = "C:\Users\...Certificate.cer and ...\Certificate.cer = "".
Apparently I am doing something wrong in the "Add Certificate" step. I have tried different notations of the path, nothing works. If someone can help me, that would be great - thanks!
In order to use private npm registry I am trying to setup credentials and ca certs in project's .npmrc file .
like following:
ca[]=<ROOT_CA> # NOTE this needs to string in double quotes, with newlines replaced be \n
ca[]=<INTERMEDIATE_CA> # NOTE this needs to string in double quotes, with newlines replaced be \n
And it works absolutely fine.
But when I move these values to system environment (Mac OS .zshrc) & try to read like following :
ca[]="${NPM_REG_ROOT_CERT}"
ca[]="${NPM_REG_INTERMEDIATE_CERT}"
It gives me error like following
npm ERR! code UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! errno UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! request <complete path to dependency> failed, reason: unable to verify the first certificate
I have ensured the env values are available & everything works fine (other login credentials are also coming from environment only).
These CA certs are having issue while loading from system environment !
If I disable strict-ssl things work. It means other credentials are loading correctly from system environment .
Am I missing something here ?
Could it be related to format of CA cert string stored in system environment. I am setting it as base64 string having newline replaced with \n.
Please help.
I am trying to install jquery using npm in my project, but it is giving this error : npm ERR! 407 Proxy Authentication Required - GET http://registry.npmjs.org/jquery. On Googling I found out that we have to set proxy settings using commands such as npm config set proxy http://proxy.company.com:proxyport but I am using a VPN network, and in proxy settings it shows *Some properties are hidden or managed by your organization How do I resolve this problem?
Correct proxy setting:
HOME:File .npmrc
Mac:
/Users/user_name/.npmrc
Window:
C:\Users\user_name\.npmrc
Add proxy with username and password
proxy=http://username:password#proxy_url:8080
http-proxy=http://username:password#proxy_url:8080
https-proxy=http://username:password#proxy_url:8080
Note: If your password contains special char, replace with encoded value. Like # will be %40
We have a private npm repository based on Sinopia
What should I define in package.json that some packages will be installed from Synopia rather then from global npm repository?
If I install it from command line I can run: npm install <package_name> --registry <http://<server:port>
P.S. tried to google and looked in official NPM documentation but have found nothing.
One of the method i know that is by .npmrc
You can also use .npmrc also inside the project
set configuration like this
registry = http://10.197.142.28:8081/repository/npm-internal/
init.author.name = Himanshu sharma
init.author.email = rmail#email.com
init.author.url = http://blog.example.com
# an email is required to publish npm packages
email=youremail#email.com
always-auth=true
_auth=YWRtaW46YWRtaW4xMjM=
auth can be generate by
username:password
echo -n 'admin:admin123' | openssl base64
output YWRtaW46YWRtaW4xMjM=
The whole point of sinopia is a private registry and a proxy at the same time. You can use uplinks install all your packages from one registry entry point. Sinopia is able to route to any registry if the local storage is not able to resolve the dependency. By default, he points to npmjs .
So, if you set your configuration like
# a list of other known repositories we can talk to
uplinks:
npmjs:
url: https://registry.npmjs.org/
packages:
'#*/*':
# scoped packages
access: $all
publish: $authenticated
proxy: npmjs
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish packages
# (anyone can register by default, remember?)
publish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
You should be able to resolve all your dependencies independently of the source of each of them
btw: sinopia has no longer maintained.
This question already has answers here:
Escape # character in git proxy password
(5 answers)
Closed 7 years ago.
Please look into it as it is not working for me:
npm warn invalid config proxy http://'Accenture\username:userpassword#2017'#127.0.0.1:8080
npm warn invalid config Must be a full url with 'http://'
Finally i got the issue resolved with the help from network guy
strict-ssl=false
proxy = http://ip address of proxy:8088
https-proxy = https://ip address of proxy:8088
registry = http://registry.npmjs.org/
These settings should go in ~/.npmrc, or in /root/.npmrc if you need to use sudo.
If you wish to change any of the configuration properties in npm, the section on config on npmjs.com is useful:
https://docs.npmjs.com/cli/config
The full proxy configuration for npm is
npm config set http-proxy http://username:password#proxy-address.com:80/'
npm config set https-proxy http://username:password#proxy-address.com:80/'
That should work for you, you can also double check it's set by typing
npm config list
http-proxy = "http://username:password#proxy-address.com:80/"
https-proxy = "http://username:password#proxy-address.com:80/"
Further to that, if you prefer to edit the config file directly it is stored in a file called .npmrc that can be added either to each project root or the global settings in your user directory, please see the npmrc help content
https://docs.npmjs.com/files/npmrc
In relation to your question, if your password contains special characters, they need to be escaped. This url provides useful information on special characters:
http://www.cyberciti.biz/faq/unix-linux-export-variable-http_proxy-with-special-characters/
As an example, if your password were P#ssword then it will become P%40ssword.