node SSL error code: SELF_SIGNED_CERT_IN_CHAIN

More Less
2 min readApr 23, 2022

when running node js code met this SSL handshake error.

node -v
v18.0.0
$ node app.js -a 0.0.0.0 -o kuwo kugou pyncmd qq joox -s

error message is as following:

ERROR: (hook) write EPROTO 005E0A1201000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:../deps/openssl/openssl/ssl/statem/extensions.c:908:Error: write EPROTO 005E0A1201000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:../deps/openssl/openssl/ssl/statem/extensions.c:908:at WriteWrap.onWriteComplete [as oncomplete] (node:internal/stream_base_commons:94:16)
errno: -100
code: EPROTO
syscall: write

solution is to rollback to stable version of node.

sudo npm cache clean -f
sudo npm install -g n
sudo n stable
$ sudo n stable
copying : node/16.14.2
installed : v16.14.2 (with npm 8.5.0)
$ npm -v
8.5.0
$ node -v
v16.14.2
Thennpm install npm@latest -g

second issue is self signed certificate in certificate chain

INFO: (app) HTTPS Server running @ http://0.0.0.0:8081
ERROR: (hook) self signed certificate in certificate chain
Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
at TLSSocket.emit (node:events:526:28)
at TLSSocket._finishInit (node:_tls_wrap:944:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12)
code: SELF_SIGNED_CERT_IN_CHAIN

to solve the self signed certificate issue. there are several ways.

On npm

On Node Package Manager you have two options: bypass or set a certificate file.

Bypassing (risky!)

npm config set strict-ssl false --global

Setting a certificate file

npm config set cafile /path/to/your/cert.pem --global

On Node.js

Sometimes, we have some problems when installing Node.js-based applications. Even setting a certificate file in npm, some installation packages rely on https libraries that don’t read npm settings. You may get an error like this: at bootstrapNodeJSCore ... code: 'SELF_SIGNED_CERT_IN_CHAIN'

So you can try to set a specific environment variable before running your Node.js-based script:

Bypassing (risky!)

export NODE_TLS_REJECT_UNAUTHORIZED=0

Setting a certificate file

export NODE_EXTRA_CA_CERTS=/path/to/your/cert.pem

--

--

More Less

自由撰稿人,时评人,平等公义追求者