Read about a proxy variable in a .npmrc
file but it does not work. Trying to avoid manually downloading all require packages and installing.
30 Answers
I solved this problem this way:
I run this command:
npm config set strict-ssl false
Then set npm to run with http, instead of https:
npm config set registry "http://registry.npmjs.org/"
Then I install packages using this syntax:
npm --proxy http://username:[email protected]:80 install packagename
Skip the username:password
part if proxy doesn't require you to authenticate
EDIT: A friend of mine just pointed out that you may get NPM to work behind a proxy by setting BOTH HTTP_PROXY and HTTPS_PROXY environment variables, then issuing normally the command npm install express (for example)
EDIT2: As @BStruthers commented, keep in mind that passwords containing "@" wont be parsed correctly, if contains @ put the entire password in quotes
Setup npm
proxy
For HTTP
:
npm config set proxy http://proxy_host:port
For HTTPS
:
use the https proxy address if there is one
npm config set https-proxy https://proxy.company.com:8080
else reuse the http proxy address
npm config set https-proxy http://proxy.company.com:8080
Note: The https-proxy doesn't have https
as the protocol, but http
.
When in doubt, try all these commands, as I do:
npm config set registry http://registry.npmjs.org/
npm config set proxy http://myusername:[email protected]:8080
npm config set https-proxy http://myusername:[email protected]:8080
npm config set strict-ssl false
set HTTPS_PROXY=http://myusername:[email protected]:8080
set HTTP_PROXY=http://myusername:[email protected]:8080
export HTTPS_PROXY=http://myusername:[email protected]:8080
export HTTP_PROXY=http://myusername:[email protected]:8080
export http_proxy=http://myusername:[email protected]:8080
npm --proxy http://myusername:[email protected]:8080 \
--without-ssl --insecure -g install
=======
UPDATE
Put your settings into ~/.bashrc
or ~/.bash_profile
so you don't have to worry about your settings everytime you open a new terminal window!
If your company is like mine, I have to change my password pretty often. So I added the following into my ~/.bashrc or ~/.bash_profile so that whenever I open a terminal, I know my npm is up to date!
Simply paste the following code at the bottom of your
~/.bashrc
file:###################### # User Variables (Edit These!) ###################### username="myusername" password="mypassword" proxy="mycompany:8080" ###################### # Environement Variables # (npm does use these variables, and they are vital to lots of applications) ###################### export HTTPS_PROXY="http://$username:$password@$proxy" export HTTP_PROXY="http://$username:$password@$proxy" export http_proxy="http://$username:$password@$proxy" export https_proxy="http://$username:$password@$proxy" export all_proxy="http://$username:$password@$proxy" export ftp_proxy="http://$username:$password@$proxy" export dns_proxy="http://$username:$password@$proxy" export rsync_proxy="http://$username:$password@$proxy" export no_proxy="127.0.0.10/8, localhost, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16" ###################### # npm Settings ###################### npm config set registry http://registry.npmjs.org/ npm config set proxy "http://$username:$password@$proxy" npm config set https-proxy "http://$username:$password@$proxy" npm config set strict-ssl false echo "registry=http://registry.npmjs.org/" > ~/.npmrc echo "proxy=http://$username:$password@$proxy" >> ~/.npmrc echo "strict-ssl=false" >> ~/.npmrc echo "http-proxy=http://$username:$password@$proxy" >> ~/.npmrc echo "http_proxy=http://$username:$password@$proxy" >> ~/.npmrc echo "https_proxy=http://$username:$password@$proxy" >> ~/.npmrc echo "https-proxy=http://$username:$password@$proxy" >> ~/.npmrc ###################### # WGET SETTINGS # (Bonus Settings! Not required for npm to work, but needed for lots of other programs) ###################### echo "https_proxy = http://$username:$password@$proxy/" > ~/.wgetrc echo "http_proxy = http://$username:$password@$proxy/" >> ~/.wgetrc echo "ftp_proxy = http://$username:$password@$proxy/" >> ~/.wgetrc echo "use_proxy = on" >> ~/.wgetrc ###################### # CURL SETTINGS # (Bonus Settings! Not required for npm to work, but needed for lots of other programs) ###################### echo "proxy=http://$username:$password@$proxy" > ~/.curlrc
Then edit the "username", "password", and "proxy" fields in the code you pasted.
Open a new terminal
Check your settings by running
npm config list
andcat ~/.npmrc
Try to install your module using
npm install __
, ornpm --without-ssl --insecure install __
, or- override your proxy settings by using
npm --without-ssl --insecure --proxy http://username:password@proxy:8080 install __
. - If you want the module to be available globally, add option
-g
Though there are already many good advice, for my environment(Windows 7, using PowerShell) and the last version available of node.js ( v8.1.2 ) all the above did not worked, except when I followed brunowego settings.
So check your settings with :
npm config list
Settings behind a proxy:
npm config set registry http://registry.npmjs.org/
npm config set http-proxy http://username:password@ip:port
npm config set https-proxy http://username:password@ip:port
npm config set proxy http://username:password@ip:port
npm set strict-ssl false
Hope this will save time to someone
This works for me in Windows:
npm config set proxy http://domain%5Cuser:pass@host:port
If you are not in any domain, use:
npm config set proxy http://user:pass@host:port
If your password contains special characters such as "
,@
,:
and so on, replace them by their URL encoded values. For example "
->%22
, @
->%40
, :
->%3A
. %5C
is used for the character \
.
Though i set proxy with config, problem was not solved but after This one worked for me:
npm --https-proxy http://XX.AA.AA.BB:8080 install cordova-plugins
npm --proxy http://XX.AA.AA.BB:8080 install
Finally i have managed to solve this problem being behinde proxy with AD authentication. I had to execute:
npm config set proxy http://domain%5Cuser:password@proxy:port/
npm config set https-proxy http://domain%5Cuser:password@proxy:port/
It is very important to URL encode any special chars like backshlash or # In my case i had to encode
backshlash
with %5C sodomain\user will
bedomain%5Cuser
#
sign with%23%0A
so password likePassword#2
will bePassword%23%0A2
I have also added following settings:
npm config set strict-ssl false
npm config set registry http://registry.npmjs.org/
I tried all of these options, but my proxy wasn't having any of it for some reason. Then, born out of desparation/despair, I randomly tried curl
in my Git Bash shell, and it worked.
Unsetting all of the proxy options using
npm config rm proxy
npm config rm https-proxy
And then running npm install
in my Git Bash shell worked perfectly. I don't know how it's set up correctly for the proxy and the Windows cmd
prompt isn't, but it worked.
After tying different answers finally, @Kayvar answers's first four lines help me to solve the issue:
npm config set registry http://registry.npmjs.org/
npm config set proxy http://myusername:[email protected]:8080
npm config set https-proxy http://myusername:[email protected]:8080
npm config set strict-ssl false
This worked for me. Set the http and https proxy.
- npm config set proxy http://proxy.company.com:8080
- npm config set https-proxy http://proxy.company.com:8080
For me even though python etc will all work though our corporate proxy npm would not.
I tried
npm config set proxy http://proxyccc.xxx.ca:8080
npm config set https-proxy https://proxyccc.xxx.ca:8080
npm config set registry http://registry.npmjs.org/
as instructed but kept getting the same error.
It was only when I removed
https-proxy https://proxyccc.xxx.ca:8080
from the .npmrc file
that
npm install electron --save-dev worked
On Windows system
Try removing the proxy and registry settings (if already set) and set environment variables on command line via
SET HTTP_PROXY=http://username:password@domain:port
SET HTTPS_PROXY=http://username:password@domain:port
then try to run npm install. By this, you'll not set the proxy in .npmrc but for that session it will work.
In my case, I forgot to set the "http://" in my config files (can be found in C: \Users \ [USERNAME] \ .npmrc) proxy adresses. So instead of having
proxy=http://[IPADDRESS]:[PORTNUMBER]
https-proxy=http://[IPADDRESS]:[PORTNUMBER]
I had
proxy=[IPADDRESS]:[PORTNUMBER]
https-proxy=[IPADDRESS]:[PORTNUMBER]
Which of course did not work, but the error messages didnt help much either...
There is good information on curl's page on SSL and certificate issues. I base most of my answer on the information there.
Using strict-ssl false is bad practice and can create issues. What we can do instead is add the certificate that is being injected, by the "man in the middle" certificate.
How to solve this on Windows:
- Download the CA Certificates from curl based on Mozilla's CA bundle. You can also use curl's "firefox-db2pem.sh" shellscript to convert your local Firefox database.
- Go to a webpage using https, for example Stackoverflow in Chrome or Internet Explorer
- Click the lock icon, click View certificates or "Valid" in Chrome
- Navigate to the Certification path. The top certificate, or the root certificate is the one we want to extract. Click that certificate and then "view certificate"
- Click the second tab, "Details". Click "Copy to file". Pick the DER format and make note of where you save the file. Pick a suitable filename, like rootcert.cer
- If you have Git installed you will have openssl.exe. Otherwise, install git for windows at this stage. Most likely the openssl executable will be at C:\Program Files\git\usr\bin\openssl.exe. We will use openssl to convert the file to the PEM format we need for NPM to understand it.
- Convert the file you saved in step 5 by using this command:
openssl x509 -inform DES -in **rootcert**.cer -out outcert.pem -text
where rootcert is the filename of the certificate you saved in step 5. - Open the outcert.pem in a text-editor smart enough to understand line-endings, so not notepad. Select all the text and copy it to clipboard.
- Now we will paste that content to the end of the CA Cert bundle made in step 1. So open the cacert.pem in your advanced texteditor. Go to the end of the file and paste the content from previous step to the end of file. (Preserve the empty line below what you just pasted)
- Copy the saved cabundle.pem to a suitable place. Eg your %userprofile% or ~. Make note of the location of the file.
- Now we will tell npm/yarn to use the new bundle. In a commandline, write
npm config set cafile **C:\Users\username\cacert.pem
where C:\Users\username\cacert.pem is the path from step 10. - Optionally: turn on strict-ssl again,
npm config set strict-ssl true
Phew! We made it! Now npm can understand how to connect. Bonus is that you can tell curl to use the same cabundle.pem and it will also understand HTTPs.
Use below command at cmd or GIT Bash or other prompt
$ npm config set proxy "http://192.168.1.101:4128"
$ npm config set https-proxy "http://192.168.1.101:4128"
where 192.168.1.101 is proxy ip and 4128 is port. change according to your proxy settings. its works for me.
A lot of applications (e.g. npm) can use proxy setting from user environment variables.
You can just add to your environment following variables HTTP_PROXY and HTTPS_PROXY that will have the same value for each one
http://user:password@proxyAddress:proxyPort
For example if you have Windows you can add proxy as follow:
There has been many answers above for this question, but none of those worked for me. All of them mentioned to add http://
prefix. So I added it too. All failed.
It finally works after I accidentally removed http://
prefix. Final config is like this:
npm config set registry http://registry.npmjs.org/
npm config set http-proxy ip:port
npm config set https-proxy ip:port
npm config set proxy ip:port
npm set strict-ssl false
I don't know the logic behind this, but it worked. If none of answers above works for you, maybe you can have a try on this way. Hope this one is useful.
Here are the steps that I've followed (Windows):
- Edit the following file
C:\Users\<WIN_USERNAME>\.npmrc
Export the certificate to your file system from the following address:https://registry.npmjs.org
Navigate to the exported certificate location and issue the following command:
npm config set cafile npm_certificate.cer
Add the following changes to the file:
registry=https://registry.npmjs.org/ strict-ssl=false https-proxy=http://[proxy_user]:[proxy_password]@[proxy_ip]:[proxy_port]/ cafile=npm_certificate.cer
Now you should be ready to go!
My issue came down to a silly mistake on my part. As I had quickly one day dropped my proxies into a windows *.bat file (http_proxy, https_proxy, and ftp_proxy), I forgot to escape the special characters for the url-encoded domain\user (%5C) and password having the question mark '?' (%3F). That is to say, once you have the encoded command, don't forget to escape the '%' in the bat file command.
I changed
set http_proxy=http://domain%5Cuser:password%3F@myproxy:8080
to
set http_proxy=http://domain%%5Cuser:password%%3F@myproxy:8080
Maybe it's an edge case but hopefully it helps someone.
Just open the new terminal and type npm config edit
and npm config -g edit
. Reset to defaults. After that close terminal, open the new one and type npm --without-ssl --insecure --proxy http://username:password@proxy:8080 install <package>
if you need globally just add -g
.
It worked for me, hope it`ll work for you :)
I just have have my share of fight with npm and proxy settings and since I do not like other answers I like to share how I think this should be resolved (compromising security is not an option).
What docs says
First of all you have to be aware what are important settings available for npm
related to proxy:
proxy
A proxy to use for outgoing http requests. If the HTTP_PROXY or http_proxy environment variables are set, proxy settings will be honored by the underlying request library.https-proxy
A proxy to use for outgoing https requests. If the HTTPS_PROXY or https_proxy or HTTP_PROXY or http_proxy environment variables are set, proxy settings will be honored by the underlying request library.noproxy
A comma-separated string or an array of domain extensions that a proxy should not be used for.cafile
A path to a file containing one or multiple Certificate Authority signing certificates. Similar to the ca setting, but allows for multiple CA's, as well as for the CA information to be stored in a file on disk.
Now since default values for proxy
, https-proxy
are based on environment variables it is recommended way to properly configure those variables so other tools could work too (like curl
).
Note that for v6 noproxy
documentation doesn't say anything about environment variables and since v7 NO_PROXY environment variable is mentioned. My environment
wasn't configured to verify how this variable works (if lower case version is covered).
Proper configuration
Now I was configuring docker image which should be used behind a proxy and this entries were needed in Dockerfile:
COPY certs/PoroxyCertificate.crt /usr/local/share/ca-certificates/
COPY certs/RootCa.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates
# here all tools like curl were working
RUN ["/bin/bash", "-c", "set -o pipefail && curl -sSL https://deb.nodesource.com/setup_14.x | bash -"]
RUN apt-get -y update && apt-get install -y nodejs
RUN npm config set cafile /etc/ssl/certs/ca-certificates.crt -g
Now interesting thing is that I needed two certificate files. RootCa.crt
is self signed certificate for all corporate servers and PoroxyCertificate.crt
contains that certificate, but it also has an extra middle SubCA certificate. Proxy was responding with certificate chain of length 3.
Now update-ca-certificates
scans directory /usr/local/share/ca-certificates/
for new certificates and updates /etc/ssl/certs/ca-certificates.crt
which will contain much more then those custom certificates.
Feeding this /etc/ssl/certs/ca-certificates.crt
to cafile
of npm config
resolve all problems with certificates when proxy was used.
Important note
with npm v6 certificate errors quite often lead to npm ERR! Maximum call stack size exceeded
what is very confusing (I even broke certificate on purpose to verify this issue), log file contained something like this:
RangeError: Maximum call stack size exceeded
at isDepOptional (/usr/lib/node_modules/npm/lib/install/deps.js:417:24)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:441:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
I've found some some issue about that, but this will not be fixed in v6.