The "unable to verify the first certificate" error occurs when npm cannot verify the SSL certificate chain. This typically means an intermediate certificate is missing from the chain sent by the server.
This error indicates a problem with SSL certificate chain verification. When a server presents its certificate, it should also send any intermediate certificates needed to chain back to a trusted root CA. If these intermediates are missing, npm cannot verify the chain even if the root CA is trusted. This often happens with misconfigured proxies, load balancers, or CDNs that don't send the complete certificate chain. The "first certificate" refers to the server's leaf certificate that cannot be verified.
View what certificates are being sent:
openssl s_client -connect registry.npmjs.org:443 -showcerts 2>/dev/nullYou should see multiple certificates. If only one, the chain is incomplete.
Get missing intermediate certs:
1. Visit the site in a browser
2. Export the full certificate chain
3. Or find intermediates on the CA's website
4. Save as intermediate.pem
Point npm to the complete certificate chain:
# Create combined cert file
cat intermediate.pem root.pem > full-chain.pem
# Configure npm
npm config set cafile /path/to/full-chain.pemAdd extra certificates via environment:
export NODE_EXTRA_CA_CERTS=/path/to/intermediate.pem
npm installAdd to shell profile for persistence.
Ensure system has latest intermediate CAs:
# Ubuntu/Debian
sudo apt update && sudo apt install ca-certificates
sudo update-ca-certificates
# macOS
brew upgrade ca-certificatesIf caused by corporate proxy:
1. Report the incomplete certificate chain
2. Ask them to configure proper cert chain
3. Request the full chain file as workaround
This issue is common when organizations deploy SSL inspection without properly configuring intermediate certificates. Tools like SSL Labs (ssllabs.com/ssltest) can diagnose server-side chain issues. In Kubernetes, ensure ingress controllers and service meshes send complete chains. For Docker builds, use multi-stage builds that include proper CA configuration.
npm ERR! code ENOAUDIT npm ERR! Audit endpoint not supported
How to fix "npm ERR! code ENOAUDIT - Audit endpoint not supported"
npm ERR! code EBADDEVENGINES npm ERR! devEngines.runtime incompatible with current node version
How to fix "npm ERR! code EBADDEVENGINES - devEngines.runtime incompatible with current node version"
npm ERR! code ETOOMANYARGS npm ERR! Too many arguments
How to fix "npm ERR! code ETOOMANYARGS - Too many arguments"
npm ERR! code EINVALIDTAGNAME npm ERR! Invalid tag name: tag names cannot contain spaces
How to fix "npm ERR! code EINVALIDTAGNAME - tag names cannot contain spaces"
npm ERR! code E400 npm ERR! 400 Bad Request
How to fix "npm ERR! code E400 - 400 Bad Request" error