猫鼬安装-无法验证第一个证书

Question

I've read various answers about this error but I cannot get rid of it, when trying to install mongoose with npm install mongoose I get the following error:

vagrant@mean:/var/www/html/test$ npm install mongoose --save-dev
-
> kerberos@0.0.14 install /var/www/html/test/node_modules/mongoose/node_modules/mongodb/node_modules/mongodb-core/node_modules/kerberos
> (node-gyp rebuild) || (exit 0)

gyp WARN install got an error, rolling back install
gyp ERR! configure error
gyp ERR! stack Error: unable to verify the first certificate
gyp ERR! stack     at Error (native)
gyp ERR! stack     at TLSSocket.<anonymous> (_tls_wrap.js:1000:38)
gyp ERR! stack     at emitNone (events.js:67:13)
gyp ERR! stack     at TLSSocket.emit (events.js:166:7)
gyp ERR! stack     at TLSSocket._finishInit (_tls_wrap.js:567:8)
gyp ERR! System Linux 3.13.0-55-generic
gyp ERR! command "/home/vagrant/.nvm/versions/node/v4.1.1/bin/node" "/home/vagrant/.nvm/versions/node/v4.1.1/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /var/www/html/test/node_modules/mongoose/node_modules/mongodb/node_modules/mongodb-core/node_modules/kerberos
gyp ERR! node -v v4.1.1
gyp ERR! node-gyp -v v3.0.3
gyp ERR! not ok
mongoose@4.1.8 node_modules/mongoose
├── async@0.9.0
├── hooks-fixed@1.1.0
├── regexp-clone@0.0.1
├── mpromise@0.5.4
├── mpath@0.1.1
├── muri@1.0.0
├── ms@0.1.0
├── sliced@0.0.5
├── kareem@1.0.1
├── bson@0.4.12
├── mquery@1.6.3 (debug@2.2.0, bluebird@2.9.26)
└── mongodb@2.0.42 (es6-promise@2.1.1, readable-stream@1.0.31, mongodb-core@1.2.10)

I am running a new vagrant box ubuntu/trusty64 behind a corporate SSL proxy, here are my proxy configurations:

envvars

$HTTPS_PROXY=http://user:pwd@ip:port
$HTTP_PROXY=http://user:pwd@ip:port

~/.npmrc

https-proxy=http://user:pwd@ip:port
proxy=http://user:pwd@ip:port
ca=/etc/ssl/certs/acme.pem
cafile=/etc/ssl/certs/acme.pem

the certificate is trusted, both npm & curl works great

how did I try to fix the error

sudo apt-get install build-essential
npm install -g node-gyp

The --verbose error log

npm info install kerberos@0.0.14

> kerberos@0.0.14 install /var/www/html/test/node_modules/mongoose/node_modules/mongodb/node_modules/mongodb-core/node_modules/kerberos
> (node-gyp rebuild) || (exit 0)

gyp info it worked if it ends with ok
gyp verb cli [ '/home/vagrant/.nvm/versions/node/v4.1.1/bin/node',
gyp verb cli   '/home/vagrant/.nvm/versions/node/v4.1.1/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js',
gyp verb cli   'rebuild' ]
gyp info using node-gyp@3.0.3
gyp info using node@4.1.1 | linux | x64
gyp verb command rebuild []
gyp verb command clean []
gyp verb clean removing "build" directory
gyp verb command configure []
gyp verb check python checking for Python executable "python2" in the PATH
gyp verb `which` succeeded python2 /usr/bin/python2
gyp verb check python version `python2 -c "import platform; print(platform.python_version());"` returned: "2.7.6\n"
gyp verb get node dir no --target version specified, falling back to host node version: 4.1.1
gyp verb command install [ '4.1.1' ]
gyp verb install input version string "4.1.1"
gyp verb install installing version: 4.1.1
gyp verb install --ensure was passed, so won't reinstall if already installed
gyp verb install version not already installed, continuing with install 4.1.1
gyp verb ensuring nodedir is created /home/vagrant/.node-gyp/4.1.1
gyp verb created nodedir /home/vagrant/.node-gyp/4.1.1
gyp http GET https://nodejs.org/dist/v4.1.1/node-v4.1.1-headers.tar.gz
gyp verb download using proxy url: "http://usr:pwd@ip:port/"
gyp WARN install got an error, rolling back install
gyp verb command remove [ '4.1.1' ]
gyp verb remove using node-gyp dir: /home/vagrant/.node-gyp
gyp verb remove removing target version: 4.1.1
gyp verb remove removing development files for version: 4.1.1
gyp ERR! configure error
gyp ERR! stack Error: unable to verify the first certificate
gyp ERR! stack     at Error (native)
gyp ERR! stack     at TLSSocket.<anonymous> (_tls_wrap.js:1000:38)
gyp ERR! stack     at emitNone (events.js:67:13)
gyp ERR! stack     at TLSSocket.emit (events.js:166:7)
gyp ERR! stack     at TLSSocket._finishInit (_tls_wrap.js:567:8)
gyp ERR! System Linux 3.13.0-55-generic
gyp ERR! command "/home/vagrant/.nvm/versions/node/v4.1.1/bin/node" "/home/vagrant/.nvm/versions/node/v4.1.1/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /var/www/html/test/node_modules/mongoose/node_modules/mongodb/node_modules/mongodb-core/node_modules/kerberos
gyp ERR! node -v v4.1.1
gyp ERR! node-gyp -v v3.0.3
gyp ERR! not ok

Answer 1

Most likely your proxy server changes SSL certificate (to be able to sniff your traffic), making the certificate invalid. To workaround this add another environment variable: NODE_TLS_REJECT_UNAUTHORIZED=0

Be cautious though, because this changes global NodeJS behavior, forcing it to ignore any unauthorized certificates.

Answer 2

Nice, thank @Max Shmelev

With Windows: set NODE_TLS_REJECT_UNAUTHORIZED=0

then npm install again!