berry: [Bug] 'unable to get local issuer certificate' - Config options for 'strict-ssl' and 'cafile' missing from Berry?
Describe the bug
Previously, there was an option to force SSL and set a CA file. Looking at the config options for Berry, this is no longer the case. We don’t use a proxy to access the internet, but rather a signed certificate that acts as a MiTM for our traffic. I’m getting my team to just start to work with Yarn and I’d like us to migrate to the latest version. However, without the ability to set these options like with npm and yarn v1, i get the ‘unable to get local issuer certificate’ error and so I’ve been forced to uninstall Berry and go back to Yarn v1.21.1.
To Reproduce
Not sure how to reproduce this outside of our internal network. These options are just missing from Berry.
Screenshots
Running the npx @yarnpkg/doctor command from the migration guide gives me this:
Environment if relevant (please complete the following information):
- OS: Windows
- Node version 12.6.0
- Yarn version 2.0.0-rc.27
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 16
- Comments: 34 (15 by maintainers)
I just opened a PR at #1934 which should address this.
You can test it before it gets merged with
yarn set version from sources --branch 1934Add to
.yarnrc.yml:caFilePath: <path to CA .pem file)to supply a custom CAenableStrictSsl: falseto disable cert errors.Let’s discuss about binjumper in https://github.com/yarnpkg/berry/issues/1938 👍
Thanks @andreialecu for implementing this much requested feature! 🎉
We already support environment variables in the Yarnrc, so you should be able to just use
$HOME(cf the doc for the exact syntax).@jamador-usgs in general you could use
NODE_TLS_REJECT_UNAUTHORIZED=0in front ofyarncommand, for exampleNODE_TLS_REJECT_UNAUTHORIZED=0 yarn plugin import interactive-tools, or you could just export variable to Node’sENV. I think it should work for the most of node-based cli packages