Search code examples
node.jsnpmnpm-installcodeship

Codeship Basic npm install fails Error: SSL Error: CERT_UNTRUSTED

I'm having a consistent issue where my Codeship Basic setup step is failing when running npm install:

npm http GET https://registry.npmjs.org/babel-runtime
npm ERR! Error: SSL Error: CERT_UNTRUSTED
npm ERR!     at ClientRequest.<anonymous> (/home/rof/.nvm/v0.6.21/lib/node_modules/npm/node_modules/request/main.js:440:26)
npm ERR!     at ClientRequest.g (events.js:156:14)
npm ERR!     at ClientRequest.emit (events.js:67:17)
npm ERR!     at HTTPParser.parserOnIncomingClient [as onIncoming] (http.js:1256:7)
npm ERR!     at HTTPParser.parserOnHeadersComplete [as onHeadersComplete] (http.js:91:29)
npm ERR!     at CleartextStream.socketOnData [as ondata] (http.js:1288:20)
npm ERR!     at CleartextStream._push (tls.js:375:27)
npm ERR!     at SecurePair.cycle (tls.js:734:20)
npm ERR!     at EncryptedStream.write (tls.js:130:13)
npm ERR!     at Socket.ondata (stream.js:38:26)
npm ERR!  [Error: SSL Error: CERT_UNTRUSTED]
npm ERR! You may report this log at:
npm ERR!     <http://github.com/isaacs/npm/issues>
npm ERR! or email it to:
npm ERR!     <npm-@googlegroups.com>

npm ERR! System Linux 4.2.0-42-generic
npm ERR! command "node" "/home/rof/.nvm/v0.6.21/bin/npm" "install"
npm ERR! cwd /home/rof/src/
npm ERR! node -v v0.6.21-pre
npm ERR! npm -v 1.1.37
npm ERR! message SSL Error: CERT_UNTRUSTED
npm http GET https://registry.npmjs.org/axios

The same npm install / package.json works without issue on my local system.

I'm trying to avoid just disabling SSL certificate verification as that doesn't seem like the right fix to the underlying problem.

Anybody else seen this when using Codeship?

Solution 
  • npm ERR! node -v v0.6.21-pre
npm ERR! npm -v 1.1.37

    This appears to be an end of life issue with node versions.

    You are running older versions of both node and NPM, and the SSL get's shut off. Essentially the only options are using non-SSL registries, or using a newer version of node/npm. 

    npm config set strict-ssl false

npm config set registry="http://registry.npmjs.org/"

    I don't believe that the npm client included with Node 0.6 contains the necessary certificates to connect to the npm registry over SSL. SSL certificates expire, as you know, and so this is simply a natural consequence of using old software to connect to SSL servers, from what I understand.

    I'm linking to the NPM issue - https://github.com/npm/npm/issues/4391