Posted by on Feb 28, 2014 in JavaScript

If you dabble a bit with node.js in your spare time you may have noticed that as of Feb 27th 2014, NPM no longer works.
If you look at the output from npm, you will probably see the following error:

The key is in the second line here, an SSL exception is being thrown due to the use of self-signed certificates:


After a bit of digging about I found a post on the official npm blog confirming that as of 27/Feb/14 self-signed certificates are no longer supported and that npm is effectively broken.

Quite humorously, this same blog post recommends installing an updated version of npm using npm itself, which would be fine, if the entire problem wasn’t an inability to use npm due to the cert errors. Whoops!

Some people are suggesting disabling SSL on npm by changing the config, but this is risky for a number of reasons, not least because that opens you up to man-in-the-middle attacks and no longer validates that you are indeed talking to the authentic npm repository.

Personally I took both of these and ran the following:

Here we are disabling SSL to allow us to grab the latest version of npm (which doesn’t suffer from the self-signed cert. problem) then immediately re-enabling SSL.
This to me is a quick solution to this problem.

The other option is to uninstall node.js, download the latest version and install that. The above option should be quickest and most hassle free I’d imagine.