Closed
Description
Current Behavior:
There is no way to intercept npm CLI traffic without causing an error:
✖ npm whoami 130 ↵
npm WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning UNABLE_TO_VERIFY_LEAF_SIGNATURE: request to https://registry.npmjs.org/-/whoami failed, reason: unable to verify the first certificate
npm WARN registry Using stale data from https://registry.npmjs.org/ due to a request error during revalidation.
Expected Behavior:
When using an HTTPS proxy with npm
, I can correctly intercept SSL traffic by using the correct config options, like setting the NODE_TLS_REJECT_UNAUTHORIZED=0
env var, setting strict-ssl=false
in ~/.npmrc
or defining my self-signed cert via the ca
or cafile
config options.
Steps To Reproduce:
- Export your HTTPS proxy as an env var, e.g.
export HTTPS_PROXY=http://127.0.0.1:9090
- Configure your local HTTPS proxy's self-signed certificate via
ca
orcafile
- Run an npm command like
npm whoami
Environment:
- OS: macOS 10.15.6
- Node: 14.7.0
- npm: 7.0.0-beta.6