This article will show how to fix the issue “npm ERR! code SELF_SIGNED_CERT_IN_CHAIN” in Node.js.
The Error
When working with Node.js and npm (Node Package Manager), you might encounter the following error:
npm ERR! code SELF_SIGNED_CERT_IN_CHAIN
This error indicates a problem with SSL certification when npm tries to access remote repositories. Let’s explore various solutions to resolve this issue.
Understanding the Error
This error often arises due to incompatibilities or issues with the SSL certificate of npm and the Node registry. It’s crucial to address this to ensure secure and uninterrupted package management.
Solutions
Here are the solutions below to resolve the issue “npm ERR! code SELF_SIGNED_CERT_IN_CHAIN”.
Use Node’s Certificate Authority (CA)
This method involves instructing npm to use the Certificate Authority (CA) from Node.js instead of its built-in CA. This can be particularly useful if the error is due to a mismatch or incompatibility between the npm’s built-in certificate and the Node registry’s SSL certificate.
npm config set ca=""
This command clears the CA setting in npm’s configuration, which forces it to fall back to using the default CA provided by Node.js. This can often resolve SSL issues if the default npm CA is outdated or incompatible.
Update npm
Updating npm to the latest version can resolve a variety of issues, including SSL certificate problems, as newer versions of npm might have updated SSL configurations or bug fixes.
npm install npm -g --ca=null
This command updates npm globally (-g) to the latest version. The --ca=null option tells npm to ignore the current CA configuration during the update process, which can help bypass SSL errors that prevent the update.
Set npm Registry to HTTP (Windows 10 Specific)
On Windows 10, switching the npm registry from HTTPS to HTTP can bypass SSL verification steps, which is useful if the SSL error is preventing access to the registry.
npm config set registry http://registry.npmjs.org/
After this, try installing your package:
npm install [your package]
The first command sets npm’s registry URL to an HTTP version, which doesn’t require SSL for communication. This can be a workaround for SSL issues, but it’s less secure than using HTTPS. The second command is a standard npm install command for your desired package.
Configure npm with your Certificate Authorities File (Linux Distros)
In Linux distributions, configuring npm to use a custom Certificate Authorities (CA) file can solve SSL certificate issues, especially in environments with a corporate proxy or custom security settings.
npm config set cafile "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" -g
This command configures npm to use a specific CA file located at /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem. This file should contain all necessary CA certificates, including those for any intermediaries or corporate proxies. The -g flag applies this setting globally.
Disabling Strict SSL
Disabling strict SSL mode in npm is a last resort because it makes your connections less secure. This method should only be used if all other methods fail and there’s an urgent need to bypass SSL verification.
npm set strict-ssl false
This command disables strict SSL checking in npm, which means npm will no longer reject self-signed or untrusted certificates. This poses a security risk and should be used cautiously and temporarily.
Conclusion
Resolving the “SELF_SIGNED_CERT_IN_CHAIN” error in npm involves troubleshooting SSL certificate issues. Start with less invasive methods like updating npm or configuring it to use your system’s CA. Only disable strict SSL as a last resort due to the security implications. By following these steps, you can safely and effectively manage your Node.js packages without encountering SSL certification errors.