How to Fix Self-Signed Certificate in Certificate Chain Error

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • Since npm stopped automatically accepting self-signed certificates, users have started to report errors while trying to publish some packages in certain applications.
  • The error can be fixed, usually, by upgrading the package manager or use the known registrars.
error: self signed certificate in certificate chain

For some time now, developers encountered a SELF_SIGNED_CERT_IN_CHAIN error during installing and publishing packages in certain applications and developer tools such as Node.js, npm, or Git.

Until a few years ago, when npm for instance announced that they would no longer support self-signed certificates.

This means that the certificate verification process was no longer automatic. So developers now have to set up their application to see the self-signed certificates.


How do I fix self-signed certificate in the certificate chain?

self signed certificate in certificate chain

Depending on the tool you’re using, there are a few recommendations. Some are risky, some are safe. One thing is clear, though: you should not attempt to disable the certification verification process altogether.

For Node.js

You can insert an environment variable to allow untrusted certificates using the following command at the beginning of the code:

process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = 0;

This is risky and it’s not recommended to be used in production. Alternatively, use npm config set strict-ssl=false if you have to do this for many applications and you want to save repeating the process.

Users also suggest upgrading your version of Node, to fixes any existing bugs and vulnerabilities.


For npm

The recommended solution is, again, to upgrade your version of npm running one of the following:

npm install npm -g --ca=null 

npm update npm -g

Or,  tell your current version of npm to use known registrars, and after installing, stop using them:

npm config set ca ""
npm install npm -g
npm config delete ca

Some users mentioned that they only switched the registry URL from https to http:

npm config set registry="http://registry.npmjs.org/"

We hope that one of these suggestions helped you fix the problem. Should you have any recommendations, please use the comments section below.



[wl_navigator]

More about the topics: certificate error

User forum

0 messages