Select to view content in your preferred language

self signed certificate in certificate chain

28084
1
Jump to solution
12-08-2023 02:00 PM
JaredPilbeam2
MVP Regular Contributor

I'm following the guide for the ArcGIS Experience Builder Server install. According to this I can use any of the following Node.js versions. For Windows, I've tried v. 16 and the latest v. 20.10. 0.

For Experience Builder 1.12 and newer, we support Node.js of version 16,18,19,20, but not Node 17.

Where I'm running into problems is in step 9 of hte guide. Each time I try different combinations of Experience Builder download with a version of Node.js I get this error in the (Administrator) command prompt:

 

C:\Users\jpilbeam>cd C:\ArcGISExperienceBuilder\server

C:\ArcGISExperienceBuilder\server>npm ci
npm WARN config global `--global`, `--local` are deprecated. Use `--location=global` instead.
npm ERR! code SELF_SIGNED_CERT_IN_CHAIN
npm ERR! errno SELF_SIGNED_CERT_IN_CHAIN
npm ERR! request to https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz failed, reason: self signed certificate in certificate chain

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\jpilbeam\AppData\Local\npm-cache\_logs\2023-12-08T21_40_00_057Z-debug-0.log

 

Don't see much documentation on it. According to the key I can trust the cert, which I did. Even still I get the same error.

Experience Builder uses a self-signed certificate in Node.js to support HTTPS. You can run Experience Builder using this certificate by trusting it, or you can use your own certificate. To change the default certificate with your own, replace these two files in the server/cert directory: server.key and server.cert.

 

0 Kudos
1 Solution

Accepted Solutions
JeffreyThompson2
MVP Regular Contributor

I needed to turn off ssl security to download the npm packages. It's not strictly speaking the safest way to do it, but the odds of getting hit by a man-in-the-middle attack are pretty low.

//Turns off ssl
npm set strict-ssl false
//Installs node packages
npm ci
//Turns ssl back on for future protection
npm set strict-ssl true

If you want to look for a more secure option, try these suggestions.

https://stackoverflow.com/questions/29141153/nodejs-npm-err-code-self-signed-cert-in-chain

GIS Developer
City of Arlington, Texas

View solution in original post

1 Reply
JeffreyThompson2
MVP Regular Contributor

I needed to turn off ssl security to download the npm packages. It's not strictly speaking the safest way to do it, but the odds of getting hit by a man-in-the-middle attack are pretty low.

//Turns off ssl
npm set strict-ssl false
//Installs node packages
npm ci
//Turns ssl back on for future protection
npm set strict-ssl true

If you want to look for a more secure option, try these suggestions.

https://stackoverflow.com/questions/29141153/nodejs-npm-err-code-self-signed-cert-in-chain

GIS Developer
City of Arlington, Texas