Npm SELF_SIGNED_CERT_IN_CHAIN on Azure

Question

Since npm dropped support for self signed certs yesterday, I can no longer install any packages from npm running on Windows Azure.

On my local machine I could solve the issue by applying this official fix. However, I couldn't find a way to fix the problem on my site instance. Any ideas?

Are you using express by chance? I noticed this breaking on the install of express. I updated to allow for any version of express and it resolved the issue. — Joey Schluchter, Feb 28 '14 at 16:18
tried. didn't work. it would be very strange if worked tho. this is a particular issue with npm and their policy change. — Bruno Faria, Feb 28 '14 at 18:11

score 11 · Answer 1 · edited Jul 29 '15 at 15:21

11

Since yesterday (Feb 27, 2014) NPM doesn't support self signed certificates anymore: http://blog.npmjs.org/post/78085451721/npms-self-signed-certificate-is-no-more

The solution: either

Upgrade your version of npm

npm update -g

-- or --

Tell your current version of npm to use known registrars

npm config set ca=""

-- or ---

As last resort resolution I don't suggest this for security issues, using SSL is always safer, switch your registry to use HTTP instead of HTTPS:

npm config set registry="http://registry.npmjs.org/"

edited Jul 29 '15 at 15:21

Nicholas Murray

13,305
14
65
84

answered Feb 28 '14 at 17:24

Maxime Poulin

152
5

3

as per description of the problem i have already posted this solution but it only applies to your own installations. Using PaaS services like Azure you don´t have control to npm or the node setup at all. – Bruno Faria Feb 28 '14 at 18:06
1

I should read the description better next time. Sorry. Between you an me a warning of the policy change from NPM would have been great... I guess they will update npm pretty quick on azure, you're not the only one with that issue I'm sure. – Maxime Poulin Feb 28 '14 at 18:21
Please see my answer for an Azure Web Site workaround. – David Ebbo Mar 01 '14 at 01:30
This command worked for me as I was inside office network--> npm config set registry="http://registry.npmjs.org/" – superachu Apr 25 '17 at 18:34

David Ebbo · Accepted Answer · 2014-03-01T02:34:44.947

Until we update NPM on Azure, one simple way to work around this is to create a custom deployment script (info here).

Here is a sample repo that demonstrates what to customize: https://github.com/davidebbo-test/AzureNpmCertWorkaround. Specifically, look at this commit, which uses the npm config set ca "" workaround.

If you don't want to deal with generating a custom deployment script using the Azure tool, you can simply grab the .deployment and the deploy.cmd from the test repo, and commit them to the root of your repo.

score 3 · Answer 3 · answered Feb 28 '14 at 19:05

3

You can't run npm install npm -g. npm install being broken is the problem, remember? A good tip from the comments on npm's blog post, worked like a charm:

npm config set strict-ssl false

npm install npm -g

npm config set strict-ssl true

You may need to use sudo.

answered Feb 28 '14 at 19:05

Shawn Erquhart

1,820
2
17
30

the problem is that we don't have access to the node installation on cloud services like Azure. You just deploy the application without worrying about the backend. You can't run cmds like npm install or config. – Bruno Faria Feb 28 '14 at 19:18

score 0 · Answer 4 · answered Jun 24 '14 at 06:09

Error Name: Error: SELF_SIGNED_CERT_IN_CHAIN

Steps to be followed to overcome this error:

1) Update Node.js and npm to its latest version,

2) Run these three commands in a sequence.

  -npm config set strict-ssl false
  -npm update npm –g
  -npm config set strict-ssl true

3) Set properties proxy and https-proxy in the npm config using these commands:

  -npm config set proxy “http://<proxy-name>:8080” 
  -npm config set https-proxy “http://<proxy-name>:8080”

Npm SELF_SIGNED_CERT_IN_CHAIN on Azure

4 Answers4

Linked