NPM SSL Errors
Multithreaded JavaScript has been published with O'Reilly!At my day job, we sit behind a firewall which can break SSL certificates. If you attempt to install something with NPM and get the error message npm ERR! Error: SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE, it means you are in a similar situation. To fix this, simply run npm config set strict-ssl false and the issue will go away. Keep in mind that this makes your NPM installation less secure, and that you should re-enable strict-ssl whenever you are outside of the firewall.
tlhunter@machine:~/Sites/node-test $ npm install express
npm http GET https://registry.npmjs.org/express
npm ERR! Error: SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! at ClientRequest.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/request/main.js:483:26)
npm ERR! at ClientRequest.g (events.js:156:14)
npm ERR! at ClientRequest.emit (events.js:67:17)
npm ERR! at HTTPParser.parserOnIncomingClient [as onIncoming] (http.js:1256:7)
npm ERR! at HTTPParser.parserOnHeadersComplete [as onHeadersComplete] (http.js:91:29)
npm ERR! at CleartextStream.socketOnData [as ondata] (http.js:1288:20)
npm ERR! at CleartextStream._push (tls.js:375:27)
npm ERR! at SecurePair.cycle (tls.js:734:20)
npm ERR! at EncryptedStream.write (tls.js:130:13)
npm ERR! at Socket.ondata (stream.js:38:26)
npm ERR! You may report this log at:
npm ERR! <http://github.com/isaacs/npm/issues>
npm ERR! or email it to:
npm ERR! <npm-@googlegroups.com>
npm ERR!
npm ERR! System Darwin 11.3.0
npm ERR! command "node" "/usr/local/bin/npm" "install" "express"
npm ERR! cwd /Users/thunter/Sites/node-test
npm ERR! node -v v0.6.18
npm ERR! npm -v 1.1.22
npm ERR! message SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /Users/thunter/Sites/node-test/npm-debug.log
npm not ok
tlhunter@machine:~/Sites/node-test $ npm config set strict-ssl false
tlhunter@machine:~/Sites/node-test $ npm install express
npm http GET https://registry.npmjs.org/express
npm http 200 https://registry.npmjs.org/express
npm http GET https://registry.npmjs.org/express/-/express-2.5.9.tgz
npm http 200 https://registry.npmjs.org/express/-/express-2.5.9.tgz
npm http GET https://registry.npmjs.org/connect
npm http GET https://registry.npmjs.org/mime/1.2.4
npm http GET https://registry.npmjs.org/qs
npm http GET https://registry.npmjs.org/mkdirp/0.3.0
npm http 200 https://registry.npmjs.org/mime/1.2.4
npm http GET https://registry.npmjs.org/mime/-/mime-1.2.4.tgz
npm http 200 https://registry.npmjs.org/mkdirp/0.3.0
npm http GET https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.0.tgz
npm http 200 https://registry.npmjs.org/qs
npm http GET https://registry.npmjs.org/qs/-/qs-0.4.2.tgz
npm http 200 https://registry.npmjs.org/connect
npm http GET https://registry.npmjs.org/connect/-/connect-1.8.7.tgz
npm http 200 https://registry.npmjs.org/mkdirp/-/mkdirp-0.3.0.tgz
npm http 200 https://registry.npmjs.org/mime/-/mime-1.2.4.tgz
npm http 200 https://registry.npmjs.org/qs/-/qs-0.4.2.tgz
npm http 200 https://registry.npmjs.org/connect/-/connect-1.8.7.tgz
npm http GET https://registry.npmjs.org/formidable
npm http 200 https://registry.npmjs.org/formidable
npm http GET https://registry.npmjs.org/formidable/-/formidable-1.0.9.tgz
npm http 200 https://registry.npmjs.org/formidable/-/formidable-1.0.9.tgz
express@2.5.9 ./node_modules/express
├── qs@0.4.2
├── mime@1.2.4
├── mkdirp@0.3.0
└── connect@1.8.7 (formidable@1.0.9)
Thomas has contributed to dozens of enterprise Node.js services and has worked for a company dedicated to securing Node.js. He has spoken at several conferences on Node.js and JavaScript and is an O'Reilly published author.
