I’m working with an Ubuntu virtual machine that has SSL connectivity issues. The VM can’t properly connect to secure websites using https URLs, but it works fine with regular http connections.
When I try to run npm install, it fails because npm tries to fetch packages using https by default. Since my VM can successfully download files over http connections, I need to find a way to force npm to use http instead of https for downloading packages.
Is there a configuration setting or command line option that can make npm use http protocol instead of https when fetching dependencies from the registry?
To configure npm to use http instead of https, you can execute the command npm config set registry http://registry.npmjs.org/. I encountered a similar issue in a development environment where SSL connections were blocked, and using http resolved my package installation failures. Keep in mind that while this method works, it reduces security, so be cautious. You can verify the current registry setting by running npm config get registry, which should display the http URL. When you’re ready to revert to https, simply use npm config set registry https://registry.npmjs.org/.
Here’s another trick that saved me in restricted environments - use environment variables for temporary, project-specific changes. Just run npm_config_registry=http://registry.npmjs.org/ npm install and it’ll override the default registry for that command only. Won’t mess with your global npm config, which is great when you’re jumping between different networks all the time. This was a lifesaver when I was working across multiple VMs - some had SSL issues, others didn’t. The environment variable approach lets you test installs without breaking global settings that might screw up other projects.
You can also modify your .npmrc file directly for more control. Just create or edit the .npmrc file in your project root or home directory and add these lines:
I’ve hit similar SSL problems in corporate environments with wonky certificate validation. The .npmrc method’s great because it sticks around between sessions and you can use different configs for different projects. If you’re still getting certificate errors even with strict-ssl off, try adding ca=null. Don’t forget to document this change for other devs on the project - they’ll need the same setup if they’re dealing with restricted environments.
had this exact issue last week! If ur behind a proxy, try npm config set https-proxy http://yourproxy:port. The problem isn’t always the registry URL - sometimes it’s how npm handles secure connections. You can also try NODE_TLS_REJECT_UNAUTHORIZED=0 if SSL certs are causing issues. it’s a bit hacky but works.
Yeah, the registry change works but you’ll run into the same SSL headaches with other dev tools. I’ve been there - had this exact issue setting up CI pipelines in locked-down environments.
Instead of manually fixing each tool, I automated the whole dev environment setup with Latenode. Built a workflow that catches SSL problems and auto-configures npm, yarn, git, and other tools to use http when needed.
It also handles certificates and switches back to https when connectivity’s better. Beats remembering different config commands for every tool.
For your npm issue right now:
npm config set registry http://registry.npmjs.org/
npm config set strict-ssl false
But honestly, automating this saves tons of troubleshooting time. Worth checking out: https://latenode.com