Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Error: unable to verify the first certificate if using puppeteer_download_host

See original GitHub issue

We have set up nexus proxy for caching chrome binaries. puppeteer_download_host is set to the desired repo (the url is reacheable by curl). But npm i --save-dev puppeteer causes:

Error: unable to verify the first certificate

Steps to reproduce

Tell us about your environment:

Puppeteer version: latest stable (i think)
Platform / OS version: wsl2 ubuntu 18.04
URLs (if applicable):
Node.js version: 12.14.1

What steps will reproduce the problem?

Please include code that reproduces the issue.

Please note, sass_binary_site works nice over the same nexus, because CA certificates are already installed into system CA store.

What is the expected result? Correct download of binaries from internal nexus proxy

What happens instead? While trying to isntall npm i --save-dev puppeteer i’m getting following exception:

> puppeteer@2.1.0 install /app/node_modules/puppeteer
> node install.js

ERROR: Failed to download Chromium r722234! Set "PUPPETEER_SKIP_CHROMIUM_DOWNLOAD" env variable to skip download.
Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (_tls_wrap.js:1321:34)
    at TLSSocket.emit (events.js:223:5)
    at TLSSocket._finishInit (_tls_wrap.js:794:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:608:12)
  -- ASYNC --
    at BrowserFetcher.<anonymous> (/app/node_modules/puppeteer/lib/helper.js:111:15)
    at Object.<anonymous> (/app/node_modules/puppeteer/install.js:62:16)
    at Module._compile (internal/modules/cjs/loader.js:955:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:991:10)
    at Module.load (internal/modules/cjs/loader.js:811:32)
    at Function.Module._load (internal/modules/cjs/loader.js:723:14)
    at Function.Module.runMain (internal/modules/cjs/loader.js:1043:10)
    at internal/main/run_main_module.js:17:11 {
  code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
}
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! puppeteer@2.1.0 install: `node install.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the puppeteer@2.1.0 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:

Issue Analytics

State:
Created 4 years ago
Reactions:8
Comments:8

Top GitHub Comments

2reactions

alexandresalomecommented, Jan 2, 2022

I discovered that you can configure Node SSL checks at runtime by specifying an environment variable to the node binary:

NODE_TLS_REJECT_UNAUTHORIZED=0 node example.js

0reactions

ghenadiibatalskicommented, Oct 19, 2022

Same with current version ^19.0.0 : NODE_TLS_REJECT_UNAUTHORIZED=0 works, but it can not be a solution.

Top Results From Across the Web

Error: unable to verify the first certificate in nodejs

unable to verify the first certificate. The certificate chain is incomplete. It means that the webserver you are connecting to is misconfigured and...

Getting certificate errors "unable to get local issuer certificate ...

The “error:num=21:unable to verify the first certificate” means that chain of trust is broken right from the start. Typically it might happen if ......

I got this error when iam sending a post request to rest api ...

i got this error when iam sending a post request to rest api SSL Error: Unable to verify the first certificate.

"message":"unable to verify the first certificate","code":" - Apigee

While testing a backend service using edgemicro, service returns error as {"message":"unable to verify the first.

Unable to verify the first certificate - Visual Studio Feedback

I recently upgraded from TFS 2018 to Azure DevOps. In the release pipeline as one of the tasks, I have a task to...