npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

registry.npmjs.org certification invalid?

npm WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning undefined: request to https://registry.npmjs.org/snekfetch failed, reason: Hostname/IP doesn’t match certificate’s altnames: “Host: registry.npmjs.org. is not in the cert’s altnames: DNS:a.sni.fastly.net, DNS:a.sni.global-ssl.fastly.net”
npm WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.

When i open https://registry.npmjs.org in my browser it gives this :
NET::ERR_CERT_COMMON_NAME_INVALID


Registry is unusable… having the same issue

Fastly error: unknown domain. Please check that this domain has been added to a service.

npm verb node v8.9.4
npm verb npm  v6.2.0
npm ERR! request to https://registry.npmjs.org/-/v1/login failed, reason: Hostname/IP doesn't match certificate's altnames: "Host: registry.npmjs.org. is not in the cert's altnames: DNS:a.sni.fastly.net, DNS:a.sni.global-ssl.fastly.net"
npm verb exit [ 1, true ]
npm timing npm Completed in 750ms


Also having this issue:

~$ curl -v https://registry.npmjs.org
* Rebuilt URL to: https://registry.npmjs.org/
*   Trying 151.101.12.162...
* TCP_NODELAY set
* Connected to registry.npmjs.org (151.101.12.162) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Fastly, Inc.; CN=a.sni.fastly.net
*  start date: Jul  9 18:51:07 2018 GMT
*  expire date: Jul  9 18:51:07 2020 GMT
*  subjectAltName does not match registry.npmjs.org
* SSL: no alternative certificate subject name matches target host name 'registry.npmjs.org'
* stopped the pause stream!
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
curl: (51) SSL: no alternative certificate subject name matches target host name 'registry.npmjs.org'

Works fine on ´www´ and ´status´ subdomains but those certificates are issued by “Dogwood” and “DigiCert”.

Registry subdomain certificate claims to be issued to ´a.sni.fastly.net´ and “GlobalSign”.

edit: I guess the cache service they use (or the way NPM uses it) broke something? https://status.npmjs.org/

If you change DNS providers (to cloudflare or something) it will work.


This is also affecting deployments on Google Cloud Functions.


the same thing here, i tried to use an other registry to keep working, but some dependencies have reference to registry.npmjs.org


Had this problem for the last couple of hours. Not got too much into the certificate problem but a fix for me was to change Internet providers… from (here in the UK) BT to EE and my npm install worked ok from https://registry.npmjs.org/


https://registry.npmjs.org seems to be working again