node js Error while installing npm install express code UNABLE_TO_VERIFY_LEAF_SIGNATURE unable to verify the first certificate

Question

I have installed nodejs version node-v4.5.0-x64.msi

I am installing express using npm install express in windows but getting following error

npm WARN package.json demo2@1.0.0 No description                                    
npm WARN package.json demo2@1.0.0 No repository field.

npm WARN package.json demo2@1.0.0 No README data
npm ERR! Windows_NT 6.3.9600
npm ERR! argv "C:\\Program Files\\nodejs\\node.exe" "C:\\Program Files\\nodejs\\
node_modules\\npm\\bin\\npm-cli.js" "install" "express"
npm ERR! node v4.5.0
npm ERR! npm  v2.15.9
npm ERR! code UNABLE_TO_VERIFY_LEAF_SIGNATURE

npm ERR! unable to verify the first certificate
npm ERR!
npm ERR! If you need help, you may report this error at:
npm ERR!     <https://github.com/npm/npm/issues>

npm ERR! Please include the following file with any support request:
npm ERR!     D:\user\Node\demo2\npm-debug.log

Update not only express package I was not able to install any package

Answer 1

Instead of disabling SSL certificate checking which could be by-passing your corporate security policies (not a good idea), I think the correct solution is as follows:

npm config set cafile="/path/to/cert_authority_file_base64.cer"

This solves the "unable to verify the first certificate" error without disabling SSL certificate checking.

NOTE: The "cert_authority_file_base64.cer" file can be obtained in Chrome from any HTTPS accessed website (external to your organization's network) using the green lock icon and navigating to the "Details" link from the menu that comes up when clicking on the green icon. You must save the certificate as "base64 encoded" for this to work.

Answer 2

You can use this command

npm config set strict-ssl false

It just disabled SSL certificates.

But it's not a best practice to accept invalid SSL certificate.

you can revert it later with this command

npm config set strict-ssl true