Open jhr007 opened 6 years ago
Thanks. I'm planning to do some work on nvs
to make it work better in proxy environments. Part of the work will be some documentation about how to configure proxy settings. So I'll include this info in that doc.
Can't make nvs
to work property over company proxy.
Note the syntax for Power Shell is $env:NODE_EXTRA_CA_CERTS="C:\cert.pem"
Use SETX
to make it permanent. Note, setx
won't apply the value to current shell, so use both.
setx NODE_EXTRA_CA_CERTS C:\path\to\your\ca.pem
set NODE_EXTRA_CA_CERTS=C:\path\to\your\ca.pem
Anyway, this 👆 hasn't helped me solve my issue, but this did 👇 https://stackoverflow.com/a/55220462.
setx NODE_TLS_REJECT_UNAUTHORIZED 0
set NODE_TLS_REJECT_UNAUTHORIZED=0
For local development I guess it's OK. Not a solution for production though!
This can also be included in the script itself as a workaround?
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
Since nothing else on this repo pointed to this error, here's a write up...
tl;dr;
Windows:
set NODE_EXTRA_CA_CERTS=C:\path\to\your\ca.pem
Use the UI to set a environment variable to make it more permanent. Noteca.pem
should be just your CA.Error:
nvs
-> then pick first entry gets:Failed to download index: https://nodejs.org/dist/index.json self signed certificate in certificate chain
Normally this means that SSL connection has been compromised, but I'm behind a corporate firewall/proxy that man-in-the-middle's SSL certificates and rewraps the requests in a SSL cert signed by a private(self-signed) Certificate Authority.
npm
was giving me this same error and I fixed by using npm's cafile config setting. I downloaded an extract of Firefox's valid CAs cacert.pem(https://curl.haxx.se/docs/caextract.html) and added the corporate CA in with the rest.I later realized that
npm
was just using node's tls and found the environment variable. Hopefully this will help the next person and you wont have to have write cli flags to support this.A bunch of resources were left uncredited in the writing of this