Is there a way to make npm install (the command) to work behind proxy?

Question

Read about a proxy variable in a .npmrc file but it does not work. Trying to avoid manually downloading all require packages and installing.

Answer 1

There is good information on curl's page on SSL and certificate issues. I base most of my answer on the information there.

Using strict-ssl false is bad practice and can create issues. What we can do instead is add the certificate that is being injected, by the "man in the middle" certificate.

How to solve this on Windows:

1. Download the CA Certificates from curl based on Mozilla's CA bundle. You can also use curl's "firefox-db2pem.sh" shellscript to convert your local Firefox database.
2. Go to a webpage using https, for example Stackoverflow in Chrome or Internet Explorer
3. Click the lock icon, click View certificates or "Valid" in Chrome
4. Navigate to the Certification path. The top certificate, or the root certificate is the one we want to extract. Click that certificate and then "view certificate"
5. Click the second tab, "Details". Click "Copy to file". Pick the DER format and make note of where you save the file. Pick a suitable filename, like rootcert.cer
6. If you have Git installed you will have openssl.exe. Otherwise, install git for windows at this stage. Most likely the openssl executable will be at C:\Program Files\git\usr\bin\openssl.exe. We will use openssl to convert the file to the PEM format we need for NPM to understand it.
7. Convert the file you saved in step 5 by using this command:
   openssl x509 -inform DES -in **rootcert**.cer -out outcert.pem -text
   where rootcert is the filename of the certificate you saved in step 5.
8. Open the outcert.pem in a text-editor smart enough to understand line-endings, so not notepad. Select all the text and copy it to clipboard.
9. Now we will paste that content to the end of the CA Cert bundle made in step 1. So open the cacert.pem in your advanced texteditor. Go to the end of the file and paste the content from previous step to the end of file. (Preserve the empty line below what you just pasted)
10. Copy the saved cabundle.pem to a suitable place. Eg your %userprofile% or ~. Make note of the location of the file.
11. Now we will tell npm/yarn to use the new bundle. In a commandline, write
    npm config set cafile **C:\Users\username\cacert.pem
    where C:\Users\username\cacert.pem is the path from step 10.
12. Optionally: turn on strict-ssl again, npm config set strict-ssl true

Phew! We made it! Now npm can understand how to connect. Bonus is that you can tell curl to use the same cabundle.pem and it will also understand HTTPs.