286
votes

Read about a proxy variable in a .npmrc file but it does not work. Trying to avoid manually downloading all require packages and installing.

30

30 Answers

364
votes

I solved this problem this way:

  1. I run this command:

    npm config set strict-ssl false
    
  2. Then set npm to run with http, instead of https:

    npm config set registry "http://registry.npmjs.org/"
    
  3. Then I install packages using this syntax:

    npm --proxy http://username:[email protected]:80 install packagename
    

Skip the username:password part if proxy doesn't require you to authenticate

EDIT: A friend of mine just pointed out that you may get NPM to work behind a proxy by setting BOTH HTTP_PROXY and HTTPS_PROXY environment variables, then issuing normally the command npm install express (for example)

EDIT2: As @BStruthers commented, keep in mind that passwords containing "@" wont be parsed correctly, if contains @ put the entire password in quotes

345
votes

Setup npm proxy

For HTTP:

npm config set proxy http://proxy_host:port

For HTTPS:

use the https proxy address if there is one

npm config set https-proxy https://proxy.company.com:8080

else reuse the http proxy address

npm config set https-proxy http://proxy.company.com:8080

Note: The https-proxy doesn't have https as the protocol, but http.

113
votes

When in doubt, try all these commands, as I do:

npm config set registry http://registry.npmjs.org/
npm config set proxy http://myusername:[email protected]:8080
npm config set https-proxy http://myusername:[email protected]:8080
npm config set strict-ssl false
set HTTPS_PROXY=http://myusername:[email protected]:8080
set HTTP_PROXY=http://myusername:[email protected]:8080
export HTTPS_PROXY=http://myusername:[email protected]:8080
export HTTP_PROXY=http://myusername:[email protected]:8080
export http_proxy=http://myusername:[email protected]:8080

npm --proxy http://myusername:[email protected]:8080 \
--without-ssl --insecure -g install

=======

UPDATE

Put your settings into ~/.bashrc or ~/.bash_profile so you don't have to worry about your settings everytime you open a new terminal window!

If your company is like mine, I have to change my password pretty often. So I added the following into my ~/.bashrc or ~/.bash_profile so that whenever I open a terminal, I know my npm is up to date!

  1. Simply paste the following code at the bottom of your ~/.bashrc file:

    ######################
    # User Variables (Edit These!)
    ######################
    username="myusername"
    password="mypassword"
    proxy="mycompany:8080"
    
    ######################
    # Environement Variables
    # (npm does use these variables, and they are vital to lots of applications)
    ######################
    export HTTPS_PROXY="http://$username:$password@$proxy"
    export HTTP_PROXY="http://$username:$password@$proxy"
    export http_proxy="http://$username:$password@$proxy"
    export https_proxy="http://$username:$password@$proxy"
    export all_proxy="http://$username:$password@$proxy"
    export ftp_proxy="http://$username:$password@$proxy"
    export dns_proxy="http://$username:$password@$proxy"
    export rsync_proxy="http://$username:$password@$proxy"
    export no_proxy="127.0.0.10/8, localhost, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16"
    
    ######################
    # npm Settings
    ######################
    npm config set registry http://registry.npmjs.org/
    npm config set proxy "http://$username:$password@$proxy"
    npm config set https-proxy "http://$username:$password@$proxy"
    npm config set strict-ssl false
    echo "registry=http://registry.npmjs.org/" > ~/.npmrc
    echo "proxy=http://$username:$password@$proxy" >> ~/.npmrc
    echo "strict-ssl=false" >> ~/.npmrc
    echo "http-proxy=http://$username:$password@$proxy" >> ~/.npmrc
    echo "http_proxy=http://$username:$password@$proxy" >> ~/.npmrc
    echo "https_proxy=http://$username:$password@$proxy" >> ~/.npmrc
    echo "https-proxy=http://$username:$password@$proxy" >> ~/.npmrc
    
    ######################
    # WGET SETTINGS
    # (Bonus Settings! Not required for npm to work, but needed for lots of other programs)
    ######################
    echo "https_proxy = http://$username:$password@$proxy/" > ~/.wgetrc
    echo "http_proxy = http://$username:$password@$proxy/" >> ~/.wgetrc
    echo "ftp_proxy = http://$username:$password@$proxy/" >> ~/.wgetrc
    echo "use_proxy = on" >> ~/.wgetrc
    
    ######################
    # CURL SETTINGS
    # (Bonus Settings! Not required for npm to work, but needed for lots of other programs)
    ######################
    echo "proxy=http://$username:$password@$proxy" > ~/.curlrc
    
  2. Then edit the "username", "password", and "proxy" fields in the code you pasted.

  3. Open a new terminal

  4. Check your settings by running npm config list and cat ~/.npmrc

  5. Try to install your module using

    • npm install __, or
    • npm --without-ssl --insecure install __, or
    • override your proxy settings by using npm --without-ssl --insecure --proxy http://username:password@proxy:8080 install __.
    • If you want the module to be available globally, add option -g
35
votes

Have you tried command-line options instead of the .npmrc file?

I think something like npm --proxy http://proxy-server:8080/ install {package-name} worked for me.

I've also seen the following: npm config set proxy http://proxy-server:8080/

21
votes

Though there are already many good advice, for my environment(Windows 7, using PowerShell) and the last version available of node.js ( v8.1.2 ) all the above did not worked, except when I followed brunowego settings.

So check your settings with :

npm config list

Settings behind a proxy:

npm config set registry http://registry.npmjs.org/
npm config set http-proxy http://username:password@ip:port
npm config set https-proxy http://username:password@ip:port
npm config set proxy http://username:password@ip:port
npm set strict-ssl false

Hope this will save time to someone

17
votes

This works for me in Windows:

npm config set proxy http://domain%5Cuser:pass@host:port

If you are not in any domain, use:

npm config set proxy http://user:pass@host:port

If your password contains special characters such as ",@,: and so on, replace them by their URL encoded values. For example "->%22, @->%40, :->%3A. %5C is used for the character \.

15
votes

To setup the http proxy have the -g flag set:

sudo npm config set proxy http://proxy_host:port -g

For https proxy, again make sure the -g flag is set:

sudo npm config set https-proxy http://proxy_host:port -g

9
votes

This worked for me-

npm config set proxy http://proxy.company.com:8080
npm config set https-proxy http://proxy.company.com:8080
npm set strict-ssl=false
8
votes
$ npm config set proxy http://login:pass@host:port
$ npm config set https-proxy http://login:pass@host:port
7
votes

Though i set proxy with config, problem was not solved but after This one worked for me:

npm --https-proxy http://XX.AA.AA.BB:8080 install cordova-plugins

npm --proxy http://XX.AA.AA.BB:8080 install

7
votes

vim ~/.npmrc in your Linux machine and add following. Don't forget to add registry part as this cause failure in many cases.

proxy=http://<proxy-url>:<port>
https-proxy=https://<proxy-url>:<port>
registry=http://registry.npmjs.org/
7
votes

Finally i have managed to solve this problem being behinde proxy with AD authentication. I had to execute:

npm config set proxy http://domain%5Cuser:password@proxy:port/
npm config set https-proxy http://domain%5Cuser:password@proxy:port/

It is very important to URL encode any special chars like backshlash or # In my case i had to encode

  1. backshlash with %5C so domain\user will be domain%5Cuser
  2. # sign with %23%0A so password like Password#2 will be Password%23%0A2

I have also added following settings:

npm config set strict-ssl false
npm config set registry http://registry.npmjs.org/
6
votes

I tried all of these options, but my proxy wasn't having any of it for some reason. Then, born out of desparation/despair, I randomly tried curl in my Git Bash shell, and it worked.

Unsetting all of the proxy options using

npm config rm proxy
npm config rm https-proxy

And then running npm install in my Git Bash shell worked perfectly. I don't know how it's set up correctly for the proxy and the Windows cmd prompt isn't, but it worked.

6
votes
npm config set proxy <http://...>:<port_number>
npm config set registry http://registry.npmjs.org/

This solved my problem.

6
votes

After tying different answers finally, @Kayvar answers's first four lines help me to solve the issue:

npm config set registry http://registry.npmjs.org/
npm config set proxy http://myusername:[email protected]:8080
npm config set https-proxy http://myusername:[email protected]:8080
npm config set strict-ssl false
5
votes

This worked for me. Set the http and https proxy.

5
votes

Try to find .npmrc in C:\Users\.npmrc

then open (notepad), write, and save inside :

proxy=http://<username>:<pass>@<proxyhost>:<port>

PS : remove "<" and ">" please !!

5
votes

For me even though python etc will all work though our corporate proxy npm would not.

I tried

npm config set proxy http://proxyccc.xxx.ca:8080 npm config set https-proxy https://proxyccc.xxx.ca:8080 npm config set registry http://registry.npmjs.org/

as instructed but kept getting the same error.

It was only when I removed https-proxy https://proxyccc.xxx.ca:8080 from the .npmrc file that npm install electron --save-dev worked

5
votes

On Windows system

Try removing the proxy and registry settings (if already set) and set environment variables on command line via

SET HTTP_PROXY=http://username:password@domain:port
SET HTTPS_PROXY=http://username:password@domain:port

then try to run npm install. By this, you'll not set the proxy in .npmrc but for that session it will work.

5
votes

In my case, I forgot to set the "http://" in my config files (can be found in C: \Users \ [USERNAME] \ .npmrc) proxy adresses. So instead of having

proxy=http://[IPADDRESS]:[PORTNUMBER]
https-proxy=http://[IPADDRESS]:[PORTNUMBER]

I had

proxy=[IPADDRESS]:[PORTNUMBER]
https-proxy=[IPADDRESS]:[PORTNUMBER]

Which of course did not work, but the error messages didnt help much either...

5
votes

There is good information on curl's page on SSL and certificate issues. I base most of my answer on the information there.

Using strict-ssl false is bad practice and can create issues. What we can do instead is add the certificate that is being injected, by the "man in the middle" certificate.

How to solve this on Windows:

  1. Download the CA Certificates from curl based on Mozilla's CA bundle. You can also use curl's "firefox-db2pem.sh" shellscript to convert your local Firefox database.
  2. Go to a webpage using https, for example Stackoverflow in Chrome or Internet Explorer
  3. Click the lock icon, click View certificates or "Valid" in Chrome
  4. Navigate to the Certification path. The top certificate, or the root certificate is the one we want to extract. Click that certificate and then "view certificate"
  5. Click the second tab, "Details". Click "Copy to file". Pick the DER format and make note of where you save the file. Pick a suitable filename, like rootcert.cer
  6. If you have Git installed you will have openssl.exe. Otherwise, install git for windows at this stage. Most likely the openssl executable will be at C:\Program Files\git\usr\bin\openssl.exe. We will use openssl to convert the file to the PEM format we need for NPM to understand it.
  7. Convert the file you saved in step 5 by using this command:
    openssl x509 -inform DES -in **rootcert**.cer -out outcert.pem -text
    where rootcert is the filename of the certificate you saved in step 5.
  8. Open the outcert.pem in a text-editor smart enough to understand line-endings, so not notepad. Select all the text and copy it to clipboard.
  9. Now we will paste that content to the end of the CA Cert bundle made in step 1. So open the cacert.pem in your advanced texteditor. Go to the end of the file and paste the content from previous step to the end of file. (Preserve the empty line below what you just pasted)
  10. Copy the saved cabundle.pem to a suitable place. Eg your %userprofile% or ~. Make note of the location of the file.
  11. Now we will tell npm/yarn to use the new bundle. In a commandline, write
    npm config set cafile **C:\Users\username\cacert.pem
    where C:\Users\username\cacert.pem is the path from step 10.
  12. Optionally: turn on strict-ssl again, npm config set strict-ssl true

Phew! We made it! Now npm can understand how to connect. Bonus is that you can tell curl to use the same cabundle.pem and it will also understand HTTPs.

4
votes

Use below command at cmd or GIT Bash or other prompt

$ npm config set proxy "http://192.168.1.101:4128"

$ npm config set https-proxy "http://192.168.1.101:4128"

where 192.168.1.101 is proxy ip and 4128 is port. change according to your proxy settings. its works for me.

4
votes

A lot of applications (e.g. npm) can use proxy setting from user environment variables.

You can just add to your environment following variables HTTP_PROXY and HTTPS_PROXY that will have the same value for each one

http://user:password@proxyAddress:proxyPort

For example if you have Windows you can add proxy as follow:

How it looks on Windows

4
votes

There has been many answers above for this question, but none of those worked for me. All of them mentioned to add http:// prefix. So I added it too. All failed.

It finally works after I accidentally removed http:// prefix. Final config is like this:

npm config set registry http://registry.npmjs.org/
npm config set http-proxy ip:port
npm config set https-proxy ip:port
npm config set proxy ip:port
npm set strict-ssl false

I don't know the logic behind this, but it worked. If none of answers above works for you, maybe you can have a try on this way. Hope this one is useful.

4
votes

Here are the steps that I've followed (Windows):

  1. Edit the following file C:\Users\<WIN_USERNAME>\.npmrc
  2. Export the certificate to your file system from the following address:https://registry.npmjs.org

  3. Navigate to the exported certificate location and issue the following command:

    npm config set cafile npm_certificate.cer

  4. Add the following changes to the file: registry=https://registry.npmjs.org/ strict-ssl=false https-proxy=http://[proxy_user]:[proxy_password]@[proxy_ip]:[proxy_port]/ cafile=npm_certificate.cer

Now you should be ready to go!

2
votes

My issue came down to a silly mistake on my part. As I had quickly one day dropped my proxies into a windows *.bat file (http_proxy, https_proxy, and ftp_proxy), I forgot to escape the special characters for the url-encoded domain\user (%5C) and password having the question mark '?' (%3F). That is to say, once you have the encoded command, don't forget to escape the '%' in the bat file command.

I changed

set http_proxy=http://domain%5Cuser:password%3F@myproxy:8080

to

set http_proxy=http://domain%%5Cuser:password%%3F@myproxy:8080

Maybe it's an edge case but hopefully it helps someone.

2
votes

Just open the new terminal and type npm config edit and npm config -g edit. Reset to defaults. After that close terminal, open the new one and type npm --without-ssl --insecure --proxy http://username:password@proxy:8080 install <package> if you need globally just add -g.

It worked for me, hope it`ll work for you :)

1
votes

when I give without http/http prefix in the proxy settings npm failed even when the proxy host and port were right values. It worked only after adding the protocol prefix.

0
votes

Go TO Environment Variables and Either Remove or set it to empty

HTTP_PROXY and HTTPS_PROXY

it will resolve proxy issue for corporate env too

0
votes

I just have have my share of fight with npm and proxy settings and since I do not like other answers I like to share how I think this should be resolved (compromising security is not an option).

What docs says

First of all you have to be aware what are important settings available for npm related to proxy:

  • proxy A proxy to use for outgoing http requests. If the HTTP_PROXY or http_proxy environment variables are set, proxy settings will be honored by the underlying request library.
  • https-proxy A proxy to use for outgoing https requests. If the HTTPS_PROXY or https_proxy or HTTP_PROXY or http_proxy environment variables are set, proxy settings will be honored by the underlying request library.
  • noproxy A comma-separated string or an array of domain extensions that a proxy should not be used for.
  • cafile A path to a file containing one or multiple Certificate Authority signing certificates. Similar to the ca setting, but allows for multiple CA's, as well as for the CA information to be stored in a file on disk.

Now since default values for proxy, https-proxy are based on environment variables it is recommended way to properly configure those variables so other tools could work too (like curl).

Note that for v6 noproxy documentation doesn't say anything about environment variables and since v7 NO_PROXY environment variable is mentioned. My environment wasn't configured to verify how this variable works (if lower case version is covered).

Proper configuration

Now I was configuring docker image which should be used behind a proxy and this entries were needed in Dockerfile:

COPY certs/PoroxyCertificate.crt /usr/local/share/ca-certificates/
COPY certs/RootCa.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates
# here all tools like curl were working

RUN  ["/bin/bash", "-c", "set -o pipefail && curl -sSL https://deb.nodesource.com/setup_14.x  |  bash -"]
RUN apt-get -y update && apt-get install -y nodejs
RUN npm config set cafile /etc/ssl/certs/ca-certificates.crt -g

Now interesting thing is that I needed two certificate files. RootCa.crt is self signed certificate for all corporate servers and PoroxyCertificate.crt contains that certificate, but it also has an extra middle SubCA certificate. Proxy was responding with certificate chain of length 3.

Now update-ca-certificates scans directory /usr/local/share/ca-certificates/ for new certificates and updates /etc/ssl/certs/ca-certificates.crt which will contain much more then those custom certificates.

Feeding this /etc/ssl/certs/ca-certificates.crt to cafile of npm config resolve all problems with certificates when proxy was used.

Important note

with npm v6 certificate errors quite often lead to npm ERR! Maximum call stack size exceeded what is very confusing (I even broke certificate on purpose to verify this issue), log file contained something like this:

RangeError: Maximum call stack size exceeded
    at isDepOptional (/usr/lib/node_modules/npm/lib/install/deps.js:417:24)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:441:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)

I've found some some issue about that, but this will not be fixed in v6.