ssl,npm,tsd , NPM Error: self signed certificate in certificate chain

NPM Error: self signed certificate in certificate chain


Tag: ssl,npm,tsd

I am following the Angular 2 quick start guide and I'm stuck right at the beginning of it.

My company is filtering our network connections and modifying SSL negociation. In a man in the middle style they assign a self signed certificate as the CA of the destination's certificate.

Therefore when I execute the second command

npm install -g tsd
tsd query angular2 --action install

I get this:

      throw er; // Unhandled stream error in pipe.
Error: self signed certificate in certificate chain
    at Error (native)
    at TLSSocket.<anonymous> (_tls_wrap.js:908:38)
    at emitNone (events.js:67:13)
    at TLSSocket.emit (events.js:163:7)
    at TLSSocket._finishInit (_tls_wrap.js:496:8)

Does anybody know a way of disabling the self signed certificate verification?


One little FYI first : if you just want to learn AngularJS, maybe it's not the best way to start with TypeScript. If it's the case for you, try the tutorial on, which use JavaScript and angular-seed.

Anyway, if you want to use tsd, you have to edit your tsdrc file (in your user's home directory), to set the proxy, and maybe, to turn of strictSSL. See

Following this documentation, this is what you certainly need to add to your tsdrc file :

    "proxy": "",
    "strictSSL" : false

Edit : I also don't think it's an npm problem. So please update your question.


Same system, same code, different behaviors: The request was aborted: Could not create SSL/TLS secure channel

There are many questions about "The request was aborted: Could not create SSL/TLS secure channel." error message and it seems very few of them were answered. I couldn't find any answer about my case, also my problem is little bit different. I have a Windows Service. It sends data to...

Websocket SSL connection

I am trying to test a secure websocket but I'm having trouble. Here is my test: var WebSocket = require('ws'); describe('testing Web Socket', function() { it('should do stuff', function(done) { var ws = new WebSocket('wss://localhost:15449/', { protocolVersion: 8, origin: 'https://localhost:15449' }); ws.on('open', function() { console.log('open!!!'); done(); }); console.log(ws); }); });...

ssl certificate with and without www

I have a website that installed a ssl certificate for the name of It works fine for But it doesn't work for The browser gave me Error code: ssl_error_bad_cert_domain. I am using Apache 2. I tried to rewrite the url to add www in httpd-ssl.conf, see the...

Error: EMFILE: too many open files

Using nw.js, I am just trying to save images in an array of img elements with different random names. But having a few errors, is something wrong with my code? for (i = 0; i < imgs.length; i++) { request(imgs[i].getAttribute('src')).on('error', function(err) { throw err }).pipe(fs.createWriteStream('data/imgs/' + randomString)) } imgs[] is...

Proper npm install --save behavior?

All documentation I have seen indicates that using --save argument with npm install should update the dependencies in package.json. This does not work for me. Packages install successfully without any error in the npm console output, but `package.json' remains unchanged. What am I missing? I have seen nothing in my...

Redirecting http to https

I'd like to redirect all of my http traffic to https, currently in my htaccess file I have the following redirecting my http traffic: <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] </IfModule> This redirects all of my non-www to www. What is the best way to...

sass file not compiled by gulp

I want to switch from less to sass so I installed gulp-sass with npm and modified my gulpfile to compile sass instead of less (nothing else changed). Sadly gulp doesn't compile my .scss file to css and after googling and trying all i could think of it still doesn't compile....

Meteor mupx ssl configuration is not working, still routing to port 80

Heres my mup.json: // Configure environment "env": { "PORT": 3000, "ROOT_URL": "" }, //SSL "ssl": { "certificate": "ssl/ssl.crt", // this is a bundle of certificates "key": "ssl/private.key", // this is the private key of the certificate "port": 443 // 443 is the default value and it's the standard HTTPS port...

How to let Webpack require a root node_module instead of an child package?

I have installed backbone and backbone.babysitter trough npm. When I use backbone in my scripts like this: import Backbone from "backbone"; It loads the installed backbone version 1.2.1. This works fine until I want to use backbone.babysitter. When backbone.babysitter loads it needs to add properties to backbone itself. But the...

Node.js app giving ERR_EMPTY_RESPONSE

I'm having serious issues with an app I am building with Node.js, Express, MongoDB and Mongoose. Last night everything seemed to work when I used nodemon server.js to `run the server. On the command line everything seems to be working but on the browser (in particular Chrome) I get the...

Openshift trustwave intermediate ssl cert issue

So I have got an application on openshift and I am trying to enable SSL on there. I already have an SSL cert from my previous host which is with Trustwave and seemed to work fine. So I have setup an alias for and have put a CNAME redirect...

How to make a website work only with https [duplicate],ssl,https
This question already has an answer here: How to force HTTPS using a web.config file 3 answers How do I make a website to work only with https? Is there any method to make my website work only if the protocol is https? For example let me say,...

Create OpenSSL certificates signed by myself

I'm using boost ssl for server and client, and I have a model for server/client program in my mind, and I'm not sure it's gonna work. The model I have in my mind is to be the only authority for certificates of my program. My main question is: How can...

Getting SSLHandshakeException in java

I ma getting SSL Hand Shake error in eclipse while calling https restful web service from simple java stub but, can access this URL from browser after importing Client Digital Certificate to browser which was shared by service provider. Hiding End point URL for security purpose. Please help me, i...

VS 2015 RC - Trying to fetch local plugin from remote registry

I have a local plugin, which I'm trying to install to a Cordova project. Adding it through VS works like a charm, but when I'm building it, plugman tries to retrieve the plugin from the registry (npm http GET[Plugin]/[Version]) and the build fails, because this plugin only exist locally....

npm install error not installing BrowserSync package

Trying to install BrowserSync I've followed the steps to install the package through the command line, installed node.js and then I went on to install npm through the command line. Now when I try to install browser-sync with the following line npm install -g browser-sync you will see it is...

Starting a tls communication with python asyncio

I have some python code snippet that uses asyncio and initiates a "plain" connection: loop = asyncio.get_event_loop() coro = loop.create_connection(lambda: MyCustomClassProtocol(loop), sock=client_socket) loop.run_until_complete(coro) The point is my plain connection switches to a tls one once some exchanges have happened. In the traditional way one would do this: ssl_sock = ssl.wrap_socket(client_socket,...

Wildcard SSL on several servers - seems OK when tested but red in Chrome

I'm trying to install a Wildcard SSL by Comodo on my servers - AWS amazon Linux with Apache2.4. '' is working 'almost' correctly - it has an exclamation mark - seems that this is because it is calling media from the '' - in which the HTTPS in chrome are...

How does DNS server know the IP address of an SSL's URL?

The SSL/TLS (https) protocol encrypts both of the web page url and its content. So I'm wondering how could the DNS server know the ip address of the requested url if it is encrypted? Any documented reference or idea?

How to create a private certificate for connecting to a website

My apologies if this is a duplicate, I may just not be using the correct terminology in my queries to find what I am looking for. I have a vendor that sent me a certificate to install in my browser so that we can access their website. We cannot get...

Node js can't require modules installed globally in OS X

I installed module by sudo npm install -g xxx in OS X, and the command echoes the module was installed in /usr/local/lib/node_modules/xxx. But the require('xxx') still fails claiming `Cannot find module 'xxx'. Only installing the module locally again by sudo npm install xxx can fix the error. Anything need to...

How to create web client application with nodejs and npm like angularjs tutorial

I am new to nodejs, npm also angularjs. I have read and tried the angularjs tutorial project hosted on, which for me is really exciting because it shows how easy to maintain the modules with bower, testing with jasmine and karma and perform e2e with protractor using npm command,...

Java client certificates and keystores

we are trying to build a MUTUAL/2WAY authentication mechanism. Because we hit two different hosts, we have the same client certificate stored in the client keystore container under two different aliases (please note the same fingerprint): [email protected]:/opt/golem# keytool -list -keystore ./client.keystore -storepass ________ Keystore type: JKS Keystore provider: SUN Your...

npm installs packages and dependencies in the project root directory

I switched from Windows to Mac. When I'm trying to install npm modules, the packages and their dependencies are created inside the project root directory. On Windows the module was installing into ./node_modules, with all dependencies inside module folder. Is there something I need to configure to make it work...

Configure Apache web server to perform SSL authentication

I'm trying to perform SSL authentication in apache web server, using XAMPP in Linux. After I configure httpd.conf like this, Apache server is failing to start. Can some one help me to fix this ? What is wrong with my configuration ? Alias /bitnami/ "/opt/lampp/apache2/htdocs/" Alias /bitnami "/opt/lampp/apache2/htdocs" <Directory "/opt/lampp/apache2/htdocs">...

Rails, DNSimple, Heroku and SSL - do I need a certificate?

So I'm currently deploying my app via Heroku. I noticed that in has HTTPS, so if I do config.force_ssl = true in my environments/production.rb it seems like I have wildcare SSL, right? Now I'm using DNSimple to get my actual name - call it Which currently resolves to...

Wildcard SSL - Which to chose and what is the key differences?

I have been left in confusion for quite some time in deciding which CA should i approach to obtain a SSL certificate. Much comparison has been made from different CA but I do not see what is the key differences that sets each other apart except the price they offer....

Server Authentication in Swift 2.0 & XCode 7 broken

I just updated my code to Swift 2.0 to work with Xcode 7. My App performs NSURLAuthenticationMethodServerTrust and NSURLAuthenticationMethodClientCertificate authentication. The problem is NSURLAuthenticationMethodServerTrust authentication stopped working on my simulator - but still works on my test device with iOS 8.3. Besides my old project which is not Swift 2.0,...

Client certificate authentication

I am new to SSL and Certificates . I have been doing my research about client certificate authentication. I have read this and wiki. So If I have to implement a client certificate auth solution for my B2B REST service should I do following Ask clients to generate their own...

NPM Error: self signed certificate in certificate chain

I am following the Angular 2 quick start guide and I'm stuck right at the beginning of it. My company is filtering our network connections and modifying SSL negociation. In a man in the middle style they assign a self signed certificate as the CA of the destination's certificate. Therefore...

SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?

Wouldn't anyone else be able to decrypt it too using the public key? Or is it saying that it will be decrypted with a private key. If that's the case how could something be encrypted with one key and decrypted with another? This is in reference to this wikipedia article....

wget ssl alert handshake failure

I am trying to download files from an https site and keep getting the following error: OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure Unable to establish SSL connection. From reading blogs online I gather I have to provide the server cert and the client cert. I have found steps on how...

NPM : how to just run post-install?

Just a simple question : in my node.js project, how could I just run the postinstall script, without running install before ? FYI, this is my package.json : { "name": "gestionclientjs", ..., "dependencies": { ... }, "repository": {}, "devDependencies": { ... }, "engines": { "node": ">=0.10.0" }, "scripts": { "test":...

serving GAE applications over http

I have implemented an application on GAE which can be accessible through https://<my_app_id> Now I have a custom domain registered with As described in GAE documentation I have mapped my custom domain to https://<my_app_id> and I see my application getting served from my custom domain. But I see requests...

Created a package.json file, but getting dependency errors when running npm install

I know this is a common question and I tried researching on here, but none of the answers have seemed to help me thus far. I am following this tutorial to learn node, and after I try to install the package.json I received the following errors: npm ERR! install Couldn't...

How do you unblock the 993 port if your firewall settings is blocking it?

I am trying to retrieve my emails from Gmail using php. for writing the host name, this is my code: $hostname = '{}INBOX'; I am getting this error: Warning: imap_open(): Couldn't open stream {}INBOX in /home1/mtc/public_html/mtcerp/emailparser/email.php on line 10 Cannot connect to Gmail: Can not authenticate to IMAP server: [CLOSED]...

Wildfly mysql with SSL

I have a web app using a mysql database as its data store. It is currently running in Glassfish and talking to that mysql database with SSL. I am thinking about migrating to Wildfly but I can't seem to create a Wildfly datasource that will talk to the mysql database...

Now that SSLSocketFactory is deprecated on Android, what would be the best way to handle Client Certificate Authentication?

I am working on an Android app that requires Client Certificate Authentication (with PKCS 12 files). Following the deprecation of all that's apache.http.*, we have started a pretty big work of refactoring on our network layer, and we have decided to go with OkHttp as a replacement, and so far...

Issue with understanding keystore and ssl

These are the facts: I have a client(android)-server(java - Ubuntu 14.04)-program with which I transmit my gps-data from my smartphone every 5 minutes to the server saving it into a mysql-database. My problem is that I do not want to transmit my GPS data plain. So I want to use...

How can i get Certificate issuer information in python?

I want the 'issued to' information from certificate in python. I try to use the SSL and SSLSocket library but did not happen. ...

Self-signed Certificate and Client Keystore for SSL Authentication

I need to create and install a self-signed certificate on the server (an XML hardware appliance) to do SSL authentication of a Java client/application which, through its interface configuration, can set keystores, i.e. .jks. I only need this setup for testing purposes and not production, for obvious reasons. Here's how...

How to disable common name check in SSLContext in java?

I am using SSLContext so set up Jersey client, and need to disable the common name check in order to avoid unnecessary issues. However, I can find no documentation as to how we can do it correctly. So is the common name check disabled by default in SSLContext (assuming using...

Subject Alternative Name not present in certificate

I have generated a CSR that includes the field subject alt names: openssl req -out mycsr.pem -new -key mykey.pem -days 365 When I inspect this it looks as expected with a new field present: X509v3 Subject Alternative Name: DNS: my.alt.dns However when I use this to sign a certificate that...

ArgumentError - unknown SSL method `TLSv1_2'

I am trying to move my AWS integration over TLS instead of SSLv3, but I'm receiving an error when trying to set the config.fog_credentials as another SO post has suggested, but I am receiving the ArgumentError above (unknown SSL method 'TLSv1_2'. I am open to a different solution to move...

React from NPM cannot be used on the client because 'development' is not defined. The bundle was generated from Webpack

I'm creating a React Node.js app and I'm trying to generate a Webpack bundle containing the React source code I loaded from NPM. However, it seems that the React code from NPM cannot be used directly in the client. It triggers this error: Uncaught ReferenceError: development is not defined The...

How to load SSL Certficate in Java

I am creating a Java program to get information from a server but I have to perform a ssl handshake with the server from the Java program. I have myfilercert.cer file certificate for authentication purpose but I have no idea how I can load that certificate in java so that...

SSL Handshake in Java Servlet (HttpsURLConnection)

I have a java web application that requires a servlet to open a connection with a url that returns some data in the form of JSON back to the servlet for processing. Traditionally this was done using an HttpURLConnection and everything worked as planned. Now, we have added as self-signed...

SSLV3_ALERT_HANDSHAKE_FAILURE with SNI using Tornado 4.2 in Python 2.9.10

I have an issue setting the SNI flag correctly using ssl.SSLContext in Python 2.7.10, the handshake fails every time and I can't figure out why. Here is how I tried to do it: import ssl import socket if ssl.HAS_SNI: print "SNI is available" print(ssl.OPENSSL_VERSION) context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) context.load_cert_chain('cacrt.pem', 'cakey.pem', 'password')...

Roundcube - Nginx does not redirect to .php file automatically

EDITED! I set up a mail server on Debian 7 with Nginx, Postfix, Postfixadmin, Dovecot and Roundcube. I tried to create an alias to use the SSL certificate of my domain (of course, the domain here is an example) for the webmail. When accessing the following URL -...