NPM安装通过Squid代理失败,无法验证叶签名

NPM安装通过Squid代理失败,无法验证叶签名,npm,openssl,reverse-proxy,squid,Npm,Openssl,Reverse Proxy,Squid,我们有一个带有SSL的Squid代理,使用自签名证书和ca-bundle.cert。仅在最近尝试安装时,NPM安装才开始失败 npm——注册表\ --代理--https代理\ --ddd安装快车 产生误差- npm ERR! errno UNABLE_TO_VERIFY_LEAF_SIGNATURE npm ERR! request to https://registry.npmjs.org/express failed, reason: unable to verify the first

我们有一个带有SSL的Squid代理,使用自签名证书和ca-bundle.cert。仅在最近尝试安装时,NPM安装才开始失败

npm——注册表\ --代理--https代理\ --ddd安装快车

产生误差-

npm ERR! errno UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! request to https://registry.npmjs.org/express failed, 
reason: unable to verify the first certificate
Squid在码头内运行,日志显示

NONE/200 0 CONNECT registry.npmjs.org:443 - HIER_DIRECT
任何想法或建议都将不胜感激

第一次答复 我在squid.conf中添加了“dns_v4_first on”,现在NPM错误消息为

npm verb node v8.9.3
npm verb npm  v5.5.1
npm ERR! code SELF_SIGNED_CERT_IN_CHAIN
npm ERR! errno SELF_SIGNED_CERT_IN_CHAIN
npm ERR! request to https://registry.npmjs.org/express failed, reason: self signed certificate in certificate chain
附加信息 我所发现的是NPM接受代理设置时的异常行为。当代理设置为内联时,如下图所示,它返回HTTP 503

npm cache clear --force && rm -rf node_modules/

npm --strict-ssl=false --registry https://registry.npmjs.org 
--proxy http://example-proxy.net:3339 --https-proxy http://example-proxy.net:3339 
--ddd install express
当只设置了代理而没有设置https代理时,它就工作了

npm cache clear --force && rm -rf node_modules/

npm --strict-ssl=false --registry https://registry.npmjs.org 
--proxy http://example-proxy.net:3339  
--ddd install express
export http_proxy=http://example-proxy.net:3339 
export HTTPS_PROXY=http://example-proxy.net:3339 
export https_proxy=http://example-proxy.net:3339 
export HTTP_PROXY=http://example-proxy.net:3339

npm cache clear --force && rm -rf node_modules/

npm --strict-ssl=false --registry https://registry.npmjs.org 
--ddd install express
当代理在shell中设置而不是通过npm命令时,它就可以工作了

npm cache clear --force && rm -rf node_modules/

npm --strict-ssl=false --registry https://registry.npmjs.org 
--proxy http://example-proxy.net:3339  
--ddd install express
export http_proxy=http://example-proxy.net:3339 
export HTTPS_PROXY=http://example-proxy.net:3339 
export https_proxy=http://example-proxy.net:3339 
export HTTP_PROXY=http://example-proxy.net:3339

npm cache clear --force && rm -rf node_modules/

npm --strict-ssl=false --registry https://registry.npmjs.org 
--ddd install express

那么,当同时设置了代理和https代理时,为什么npm命令会返回HTTP 503呢?

看起来squid正试图通过IPv6在只有IPv4的主机上进行连接:

connect(14, {sa_family=AF_INET6, sin6_port=htons(443), inet_pton(AF_INET6, "2400:cb00:2048:1::6810:1b23", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
read(14, 0x7ffe450e1040, 65535)         = -1 ENOTCONN (Transport endpoint is not connected)
将此选项添加到squid.conf可以修复此问题:

dns_v4_first on