The ECONNRESET error with 'tunneling socket could not be established' occurs when npm cannot connect through a proxy server. This is typically caused by misconfigured proxy settings or network connectivity issues.
The "tunneling socket could not be established" error with code ECONNRESET indicates that npm attempted to connect to the npm registry through a proxy server, but the connection was abruptly terminated. The proxy either rejected the connection, timed out, or the network path between your machine and the proxy was interrupted. When npm is configured to use a proxy (either via npm config or environment variables), it creates a tunneling connection to route HTTPS traffic through the proxy server. If this tunnel cannot be established, npm fails with ECONNRESET - meaning the remote end (the proxy) reset the connection before communication could complete. This error is especially common in corporate environments where developers must use proxy servers to access external networks. It can also occur when proxy settings are incorrectly configured, when moving between networks (e.g., from office to home), or when the proxy server itself is experiencing issues.
First, inspect what proxy settings npm currently has configured:
# View all npm config
npm config list
# Check specific proxy settings
npm config get proxy
npm config get https-proxyAlso check for environment variables:
# Linux/macOS
echo $HTTP_PROXY
echo $HTTPS_PROXY
echo $http_proxy
echo $https_proxy
# Windows (Command Prompt)
echo %HTTP_PROXY%
echo %HTTPS_PROXY%If you see proxy values but you're not behind a proxy, that's likely the problem.
If you're not behind a corporate proxy, remove any proxy configuration:
# Remove npm proxy settings
npm config delete proxy
npm config delete https-proxy
# Also remove http-proxy if set
npm config delete http-proxyClear environment variables for the current session:
# Linux/macOS
unset HTTP_PROXY
unset HTTPS_PROXY
unset http_proxy
unset https_proxy
# Windows (Command Prompt)
set HTTP_PROXY=
set HTTPS_PROXY=Then retry your npm command.
If you ARE behind a corporate proxy, configure npm with the correct settings:
# Set proxy (use http:// even for https-proxy)
npm config set proxy http://proxy.company.com:8080
npm config set https-proxy http://proxy.company.com:8080If your proxy requires authentication:
npm config set proxy http://username:[email protected]:8080
npm config set https-proxy http://username:[email protected]:8080Important: Use http:// (not https://) as the protocol for both proxy settings, even for https-proxy. The proxy connection itself uses HTTP; only the tunneled traffic is HTTPS.
Note: If your password contains special characters like @, :, or %, you need to URL-encode them (e.g., @ becomes %40).
Test if you can reach the npm registry through your proxy:
# Test direct connection to npm registry
curl -v https://registry.npmjs.org/
# Test through proxy
curl -v --proxy http://proxy.company.com:8080 https://registry.npmjs.org/If curl works but npm doesn't, the issue is likely in npm's configuration. If curl also fails, the problem is with the proxy or network.
You can also try accessing https://registry.npmjs.org in your browser to verify the registry is accessible.
If SSL/TLS issues are causing the problem, you can temporarily switch to HTTP:
npm config set registry http://registry.npmjs.org/Warning: Using HTTP instead of HTTPS is less secure and should only be used for debugging. Switch back to HTTPS once the issue is resolved:
npm config set registry https://registry.npmjs.org/Some corporate proxies perform SSL inspection, which can cause certificate errors. If you trust your network, you can disable strict SSL:
npm config set strict-ssl falseYou might also need to set the CA certificate to null:
npm config set cafile nullSecurity Warning: Disabling SSL verification makes you vulnerable to man-in-the-middle attacks. Only use this in trusted corporate environments and re-enable when possible:
npm config set strict-ssl true
npm config delete cafileCached data can sometimes cause connection issues. Clear the cache:
npm cache clean --forceThen delete node_modules and package-lock.json if needed:
rm -rf node_modules package-lock.json
npm installnpm reads configuration from multiple .npmrc files. Check all locations for conflicting settings:
# Project-level
cat .npmrc
# User-level
cat ~/.npmrc
# Global
cat /etc/npmrc # Linux/macOS
# or
type %APPDATA%\npm\etc\npmrc # WindowsRemove or comment out any conflicting proxy settings in these files.
On Windows 10/11, automatic proxy detection can interfere with npm:
1. Open Settings > Network & Internet > Proxy
2. Turn off Automatically detect settings
3. If you need a proxy, configure it manually instead
After changing these settings, restart your terminal and try npm again.
### Understanding Proxy Configuration Priority
npm reads proxy configuration from multiple sources in this order (highest priority first):
1. Command-line flags (--proxy)
2. Environment variables (HTTP_PROXY, HTTPS_PROXY)
3. Project .npmrc file
4. User ~/.npmrc file
5. Global /etc/npmrc or built-in defaults
### Using CNTLM for NTLM Proxies
Corporate environments often use NTLM authentication. The cntlm proxy can help:
# Install cntlm
sudo apt-get install cntlm # Debian/Ubuntu
brew install cntlm # macOS
# Configure cntlm with your credentials
# Edit /etc/cntlm.conf with your domain, username, and password hash
# Then start cntlm as a local proxy
# Point npm to local cntlm proxy
npm config set proxy http://127.0.0.1:3128
npm config set https-proxy http://127.0.0.1:3128### VPN Considerations
When connected to a corporate VPN:
- Proxy settings may be required even if not needed on the office network
- DNS resolution might change, affecting how proxy hostnames resolve
- Split tunneling configurations may affect which traffic goes through the proxy
If npm works without VPN but fails with VPN connected, check if your VPN client modifies proxy settings.
### CI/CD Pipeline Configuration
In CI environments, set proxy via environment variables in your pipeline configuration:
# GitHub Actions example
env:
HTTP_PROXY: http://proxy.company.com:8080
HTTPS_PROXY: http://proxy.company.com:8080
NO_PROXY: localhost,127.0.0.1### NO_PROXY for Internal Registries
If you use a private npm registry that doesn't require the proxy:
npm config set noproxy "registry.internal.company.com,localhost"
# or via environment variable
export NO_PROXY="registry.internal.company.com,localhost"npm ERR! code ENOAUDIT npm ERR! Audit endpoint not supported
How to fix "npm ERR! code ENOAUDIT - Audit endpoint not supported"
npm ERR! code EBADDEVENGINES npm ERR! devEngines.runtime incompatible with current node version
How to fix "npm ERR! code EBADDEVENGINES - devEngines.runtime incompatible with current node version"
npm ERR! code ETOOMANYARGS npm ERR! Too many arguments
How to fix "npm ERR! code ETOOMANYARGS - Too many arguments"
npm ERR! code EINVALIDTAGNAME npm ERR! Invalid tag name: tag names cannot contain spaces
How to fix "npm ERR! code EINVALIDTAGNAME - tag names cannot contain spaces"
npm ERR! code E400 npm ERR! 400 Bad Request
How to fix "npm ERR! code E400 - 400 Bad Request" error