Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE Phonegap Installation

S

8

91

I'm trying to install Phonegap in Ubuntu. The installation of NodeJS was successful, however I can't install Phonegap itself. Here is the error output of terminal:

test@test-VirtualBox:~$ sudo npm install -g phonegap
npm http GET https://registry.npmjs.org/phonegap
npm http GET https://registry.npmjs.org/phonegap
npm http GET https://registry.npmjs.org/phonegap
npm ERR! Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR!     at SecurePair.<anonymous> (tls.js:1350:32)
npm ERR!     at SecurePair.EventEmitter.emit (events.js:92:17)
npm ERR!     at SecurePair.maybeInitFinished (tls.js:963:10)
npm ERR!     at CleartextStream.read [as _read] (tls.js:463:15)
npm ERR!     at CleartextStream.Readable.read (_stream_readable.js:320:10)
npm ERR!     at EncryptedStream.write [as _write] (tls.js:366:25)
npm ERR!     at doWrite (_stream_writable.js:219:10)
npm ERR!     at writeOrBuffer (_stream_writable.js:209:5)
npm ERR!     at EncryptedStream.Writable.write (_stream_writable.js:180:11)
npm ERR!     at write (_stream_readable.js:573:24)
npm ERR! If you need help, you may report this log at:
npm ERR!     <http://bugs.debian.org/npm>
npm ERR! or use
npm ERR!     reportbug --attach /home/test/npm-debug.log npm

npm ERR! System Linux 3.11.0-14-generic
npm ERR! command "/usr/bin/nodejs" "/usr/bin/npm" "install" "-g" "phonegap"
npm ERR! cwd /home/test
npm ERR! node -v v0.10.15
npm ERR! npm -v 1.2.18
npm ERR! 
npm ERR! Additional logging details can be found in:
npm ERR!     /home/test/npm-debug.log
npm ERR! not ok code 0

Any help would be appreciated.

Seafarer answered 23/12, 2013 at 16:57 Comment(0)

S

191

I got the same error, given I was behind a corporate firewall/proxy and my connection was passed the proxy's certificate.

In your command line run:

npm config set strict-ssl false

NOTE: that this is not best practice to blindly accept untrusted or invalid SSL certificates, which is what the command does (turn off certificate checking). You can run

npm config set strict-ssl true

to turn it back on.

ref: https://thomashunter.name/blog/npm-ssl-errors/

Selby answered 27/1, 2014 at 15:51 Comment(3)

Thanks .. it worked in case installing Angular CLI with npm also. – Cusco 19/9, 2017 at 11:17

THANK YOU! I spent the entire morning trying to find the solution – Adelaideadelaja 25/5, 2018 at 9:45

Thank you! Used it to install 'react-router-dom'. It worked. – Alurta 23/4 at 14:22

E

42

This can be fixed without disabling strict SSL, however it is non-trivial.

Find the certificates actually being used, likely you're behind a corporate SSL intercepting proxy. You might be able to use a browser, some CLI tool etc. I ended up running certmgr.msc in Windows as the certificates are distributed via Group policy and export as p7b files.

Convert the certificates if necessary, I used openssl tool to convert from p7b to PEM (aka .crt)

openssl pkcs7 -print_certs -inform DER -in /mnt/adam/certs/my-company-root.p7b -outform PEM -out my-company-root.crt

Merge, if there is more than one certificate, into a single PEM file, taking care to order from leaf to root.

cat my-company-leaf.crt my-company-intermediate.crt my-company-root.crt > my-company-single.crt

Configure npm at the certificate file

npm config set cafile my-company-single.crt

(or globally)

sudo npm config set -g cafile my-company-single.crt

Endymion answered 13/8, 2015 at 11:56 Comment(1)

just tried it, and it's working ! For me it's way better than disabling ssl at all... You don't know what may happen in the future. Thanks for your solution :) – Revels 19/8, 2019 at 9:28

L

11

running

npm config set strict-ssl false

solved my problem.

I'm using Vagrant (Linux precise32 Ubuntu ), and Windows 7 as host.

Thanks

Lavella answered 3/2, 2014 at 19:11 Comment(0)

B

4

After struggling to solve this problem almost a week, ESET cause this error when run npm command.

https://github.com/SillyTavern/SillyTavern/issues/2100#issuecomment-2063231168

Open ESET and search in configuration for "Application scan rules", find node and put it in Ignore.

Boggess answered 21/4 at 18:47 Comment(2)

Thank you. The exact path is to open ESET and click on "Configuration" at the sidebar menu. Then click on "Advanced configuration" at bottom-right. A new window will open. Choose "Protection" on sidebar menu to expand it, then choose "SSL/TLS". Now on the right side you can view the "Application scan rules" option. Click on "Edit" and add nodejs executable. Make sure to set the scan action as "Ignore". – Maritsa 22/4 at 21:32

I had the same problem, and adding node.exe as an Ignore resolved it for me as well. Thanks! – Arsine 23/4 at 19:31

C

3

You can also disable SSL check in your code using node environment variable :

in your index.js file, add :

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

Note that this is not a good habits as it will not try to check the validity of https certificate

Cordillera answered 12/6, 2020 at 10:2 Comment(0)

K

2

in case anyone is as clumsy as me, I got UNABLE_TO_VERIFY_LEAF_SIGNATURE on npm install when I forgot to add the git+ before the url of my project.

I had

npm install --save https://myserv.er/my/project-path.git

instead of

npm install --save git+https://myserv.er/my/project-path.git

Kyungkyushu answered 14/1, 2020 at 8:44 Comment(0)

G

0

Make sure that root has configuration properties.

When using sudo, you're running under the environment configured for root. Root may not have the same node configuration, and may not be aware of your certificates. Try passing your environment configuration to root with -E:

$ sudo -E npm install -g phonegap

Geanine answered 26/3, 2021 at 20:1 Comment(0)

C

0

It happens to me. It turned out my cooperation proxy restricted the official NPM registry, and returned a blocked HTML warning. Just updated my npm registry to cooperate one, and the problem was solved.

Chemoprophylaxis answered 4/12, 2022 at 0:24 Comment(0)

Recommended topics

Hot tags