The "self signed certificate" error occurs when npm encounters an SSL certificate that was not issued by a trusted Certificate Authority. This commonly happens with corporate proxies, private registries, or misconfigured networks.
This error indicates that somewhere in the SSL certificate chain, npm encountered a self-signed certificate - one that was signed by itself rather than a trusted Certificate Authority. SSL/TLS security relies on a chain of trust from the server's certificate back to a trusted root CA. Self-signed certificates break this chain because there's no third-party verification. While self-signed certificates can be legitimate (corporate CAs, development environments), npm rejects them by default to protect against man-in-the-middle attacks.
Find out where the self-signed cert comes from:
openssl s_client -connect registry.npmjs.org:443 -showcerts 2>/dev/null | openssl x509 -noout -issuer -subjectCompare the issuer - if it's your company, you need their CA certificate.
Get the certificate from your browser:
1. Visit https://registry.npmjs.org
2. Click padlock > Certificate
3. Go to Certification Path tab
4. Select the root certificate
5. Export to PEM format
Or via command line:
openssl s_client -connect registry.npmjs.org:443 </dev/null 2>/dev/null | openssl x509 > cert.pemConfigure npm to trust the certificate:
npm config set cafile /path/to/cert.pemOr via environment variable:
export NODE_EXTRA_CA_CERTS=/path/to/cert.pemFor permanent solution, add to system CA store:
# Ubuntu/Debian
sudo cp cert.pem /usr/local/share/ca-certificates/custom-ca.crt
sudo update-ca-certificates
# CentOS/RHEL
sudo cp cert.pem /etc/pki/ca-trust/source/anchors/
sudo update-ca-trust
# macOS
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain cert.pemIf using a private registry with self-signed cert:
# Set the registry
npm config set registry https://private-registry.company.com
# Set its CA certificate
npm config set cafile /path/to/private-registry-ca.pem⚠️ Only for testing/development:
npm config set strict-ssl falseNever use this in production or CI/CD - it disables all certificate verification.
In enterprise environments, work with your IT/security team to get the corporate CA certificate properly installed on all developer machines. For CI/CD, include the CA certificate in your pipeline configuration or Docker images. If you control the private registry, consider getting a certificate from a public CA like Let's Encrypt instead of using self-signed certificates.
npm ERR! code ENOAUDIT npm ERR! Audit endpoint not supported
How to fix "npm ERR! code ENOAUDIT - Audit endpoint not supported"
npm ERR! code EBADDEVENGINES npm ERR! devEngines.runtime incompatible with current node version
How to fix "npm ERR! code EBADDEVENGINES - devEngines.runtime incompatible with current node version"
npm ERR! code ETOOMANYARGS npm ERR! Too many arguments
How to fix "npm ERR! code ETOOMANYARGS - Too many arguments"
npm ERR! code EINVALIDTAGNAME npm ERR! Invalid tag name: tag names cannot contain spaces
How to fix "npm ERR! code EINVALIDTAGNAME - tag names cannot contain spaces"
npm ERR! code E400 npm ERR! 400 Bad Request
How to fix "npm ERR! code E400 - 400 Bad Request" error