At my day job, we sit behind a firewall which can break SSL certificates. If you attempt to install something with NPM and get the error message npm ERR! Error: SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE, it means you are in a similar situation. To fix this, simply run npm config set strict-ssl false and the issue will go away. Keep in mind that this makes your NPM installation less secure, and that you should re-enable strict-ssl whenever you are outside of the firewall.
tlhunter@machine:~/Sites/node-test $ npm install express npm http GET https://registry.npmjs.org/express npm ERR! Error: SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE npm ERR! at ClientRequest.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/request/main.js:483:26) npm ERR! at ClientRequest.g (events.js:156:14) npm ERR! at ClientRequest.emit (events.js:67:17) npm ERR! at HTTPParser.parserOnIncomingClient [as onIncoming] (http.js:1256:7) npm ERR! at HTTPParser.parserOnHeadersComplete [as onHeadersComplete] (http.js:91:29) npm ERR! at CleartextStream.socketOnData [as ondata] (http.js:1288:20) npm ERR! at CleartextStream._push (tls.js:375:27) npm ERR! at SecurePair.cycle (tls.js:734:20) npm ERR! at EncryptedStream.write (tls.js:130:13) npm ERR! at Socket.ondata (stream.js:38:26) npm ERR! You may report this log at: npm ERR! <http://github.com/isaacs/npm/issues> npm ERR! or email it to: npm ERR! <npm-@googlegroups.com> npm ERR! npm ERR! System Darwin 11.3.0 npm ERR! command "node" "/usr/local/bin/npm" "install" "express" npm ERR! cwd /Users/thunter/Sites/node-test npm ERR! node -v v0.6.18 npm ERR! npm -v 1.1.22 npm ERR! message SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE npm ERR! npm ERR! Additional logging details can be found in: npm ERR! /Users/thunter/Sites/node-test/npm-debug.log npm not ok tlhunter@machine:~/Sites/node-test $ npm config set strict-ssl false tlhunter@machine:~/Sites/node-test $ npm install express npm http GET https://registry.npmjs.org/express npm http 200 https://registry.npmjs.org/express npm http GET https://registry.npmjs.org/express/-/express-2.5.9.tgz npm http 200 https://registry.npmjs.org/express/-/express-2.5.9.tgz npm http GET https://registry.npmjs.org/connect npm http GET https://registry.npmjs.org/mime/1.2.4 npm http GET https://registry.npmjs.org/qs npm http GET https://registry.npmjs.org/mkdirp/0.3.0 npm http 200 https://registry.npmjs.org/mime/1.2.4 npm http GET https://registry.npmjs.org/mime/-/mime-1.2.4.tgz npm http 200 https://registry.npmjs.org/mkdirp/0.3.0 npm http GET https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.0.tgz npm http 200 https://registry.npmjs.org/qs npm http GET https://registry.npmjs.org/qs/-/qs-0.4.2.tgz npm http 200 https://registry.npmjs.org/connect npm http GET https://registry.npmjs.org/connect/-/connect-1.8.7.tgz npm http 200 https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.0.tgz npm http 200 https://registry.npmjs.org/mime/-/mime-1.2.4.tgz npm http 200 https://registry.npmjs.org/qs/-/qs-0.4.2.tgz npm http 200 https://registry.npmjs.org/connect/-/connect-1.8.7.tgz npm http GET https://registry.npmjs.org/formidable npm http 200 https://registry.npmjs.org/formidable npm http GET https://registry.npmjs.org/formidable/-/formidable-1.0.9.tgz npm http 200 https://registry.npmjs.org/formidable/-/formidable-1.0.9.tgz express@2.5.9 ./node_modules/express ├── qs@0.4.2 ├── mime@1.2.4 ├── mkdirp@0.3.0 └── connect@1.8.7 (formidable@1.0.9)
Was trying to install connect.js through npm and was having this issue. Our company has a Websense firewall set up. Your solution worked. Thank you!
Thank you very much!
thx bro. I’ve probably solved this a bunch of times due to the man-in-the-middle ssl attack our office network employs. I’ll probably have to solve it many times in the future, too, and this post rocks.