configure node.js to use the system ca trust store

Rui Lopes 2025-09-05 07:23:12 +00:00
parent 6452307d77
commit 7daad8373d
3 changed files with 15 additions and 23 deletions


@ -20,7 +20,12 @@ npm --version
# configure npm to trust our system trusted CAs.
# NB never turn off ssl verification with npm config set strict-ssl false
npm config set cafile /etc/ssl/certs/ca-certificates.crt
# NB since node.js 22.19.0 we no longer need to use npm config set cafile to use
# a private ca. instead, either set the NODE_USE_SYSTEM_CA environment
# variable or use the --use-system-ca command line option.
# see https://github.com/nodejs/node/pull/59276
# see https://nodejs.org/docs/latest-v22.x/api/cli.html#--use-system-ca
export NODE_USE_SYSTEM_CA='1'
#
# configure npm to use the npm-group repository.
@ -62,7 +67,7 @@ export NPM_PASS=password
export NPM_EMAIL=alice.doe@example.com
export NPM_REGISTRY=https://$nexus_domain/repository/npm-hosted/
npm install npm-registry-client@8.6.0
npm_auth_token=$(NODE_PATH=$PWD/node_modules node --use-openssl-ca /vagrant/provision/npm-login.js 2>/dev/null)
npm_auth_token=$(NODE_PATH=$PWD/node_modules node /vagrant/provision/npm-login.js 2>/dev/null)
npm set //$nexus_domain/repository/npm-hosted/:_authToken $npm_auth_token
# publish.
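Review bot: The login call near the end of this section still discards stderr with `2>/dev/null`, and trust in the private CA now rests entirely on `NODE_USE_SYSTEM_CA`, which the added comment says needs node.js 22.19.0 or later. A node that ignores the variable would fail certificate verification with no visible error and leave `npm_auth_token` empty. Nothing in these hunks checks the node version or the token before `npm set ... :_authToken` runs, so unless the script runs under `set -e` (not visible here) the failure would presumably surface only at publish time. I would add a guard right after the assignment, `[ -n "$npm_auth_token" ] || { echo 'npm login failed; check that node honours NODE_USE_SYSTEM_CA' >&2; exit 1; }`, and quote `"$npm_auth_token"` on the following line. The Windows script's `2>$null` on the same call has the same gap.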


@ -1,16 +0,0 @@
# dump all the windows trusted roots into a ca file.
$pems = New-Object System.Text.StringBuilder
Get-ChildItem Cert:\LocalMachine\Root | ForEach-Object {
# $_ is-a System.Security.Cryptography.X509Certificates.X509Certificate2
Write-Host "Exporting the $($_.Issuer) certificate..."
[void]$pems.AppendLine('-----BEGIN CERTIFICATE-----')
[void]$pems.AppendLine(
[Convert]::ToBase64String(
$_.Export('Cert'),
'InsertLineBreaks'));
[void]$pems.AppendLine("-----END CERTIFICATE-----");
}
Set-Content `
-Encoding Ascii `
C:\ProgramData\ca-certificates.crt `
$pems.ToString()


@ -36,10 +36,14 @@ Update-SessionEnvironment
node --version
npm --version
# configure npm to trust our system trusted CAs.
# configure node/npm to trust our system trusted CAs.
# NB never turn off ssl verification with npm config set strict-ssl false
c:\vagrant\provision\windows\export-windows-ca-certificates.ps1
npm config set cafile c:/ProgramData/ca-certificates.crt
# NB since node.js 22.19.0 we no longer need to use npm config set cafile to use
# a private ca. instead, either set the NODE_USE_SYSTEM_CA environment
# variable or use the --use-system-ca command line option.
# see https://github.com/nodejs/node/pull/59276
# see https://nodejs.org/docs/latest-v22.x/api/cli.html#--use-system-ca
$env:NODE_USE_SYSTEM_CA='1'
#
# configure npm to use the npm-group repository.
@ -88,8 +92,7 @@ $env:NPM_EMAIL='alice.doe@example.com'
$env:NPM_REGISTRY="https://$nexusDomain/repository/npm-hosted/"
npm install npm-registry-client@8.6.0
$env:NODE_PATH="$PWD/node_modules"
$env:NODE_EXTRA_CA_CERTS='C:\ProgramData\ca-certificates.crt'
$npmAuthToken = node --use-openssl-ca /vagrant/provision/npm-login.js 2>$null
$npmAuthToken = node /vagrant/provision/npm-login.js 2>$null
npm set "//$nexusDomain/repository/npm-hosted/:_authToken" $npmAuthToken
# publish.
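Review bot: `$env:NODE_USE_SYSTEM_CA='1'` only exists for the provisioning session, whereas the removed `npm config set cafile` line stored a persistent npm setting. Any node or npm process started after provisioning (a new shell, a service) would therefore fall back to the bundled CA list and fail verification against the private CA. If such later use is expected, persist the variable as well, for example `[Environment]::SetEnvironmentVariable('NODE_USE_SYSTEM_CA', '1', 'Machine')`, and keep the `$env:` assignment for the current session. I would also extend the added comment with a line such as `# NB this only affects the current session; node older than 22.19.0 ignores it.` The `export NODE_USE_SYSTEM_CA='1'` in the Linux script has the same scope.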