Search Unity

  1. Calling all beginners! Join the FPS Beginners Mods Challenge until December 13.
    Dismiss Notice
  2. It's Cyber Week at the Asset Store!
    Dismiss Notice

Private NPM Registry with a Self-signed SSL Certificate

Discussion in 'Package Manager' started by AndreasO, May 5, 2019.

  1. AndreasO

    AndreasO

    Joined:
    Sep 25, 2012
    Posts:
    90
    Hi,

    I've setup my own NPM Registry and want to use it with Unity's Package Manager.
    Everything looks fine as long as I'm not using my self-signed certificate.

    This is the error message Unity prints to the console:

    Code (CSharp):
    1. An error occurred while resolving packages:
    2.   Project has invalid dependencies:
    3.     com.demo.abc: unable to verify the first certificate
    4.  
    5. A re-import of the project may be required to fix the issue or a manual modification of D:/dev/demo/manifest.json file.
    I suspect that the npm client binary is the culprit here. This is because I had to instruct the locally installed npm to use a .pem file that contains my self-signed certificate via ~/.npmrc file.

    I've tried to put a .npmrc in several places (project and unity editor internal folders) but to no avail. I even deleted the npm folder from "<InstallDirOfUnity>\Editor\Data\Tools\nodejs" and Unity just works fine in regards to the Package Manager ... hmmm...

    Any ideas? Would really like to use PM with my own registry.
     
  2. AndreasO

    AndreasO

    Joined:
    Sep 25, 2012
    Posts:
    90
    I can confirm that it is 100% an issue with my self-signed cert as I've quickly setup a Let's Encrypt Certificate.
    I'd still like to use it instead of the LE one because it complicates my setup for no good reason.

    Either the npm process (or whatever is internally used by Unity Editor) should respect a config file (.npmrc) or even better make use of the OS' Truststore. I'm using Windows and have added my Root CA to the Windows Truststore which works perfectly fine in all other applications I use.
     
  3. maximeb_unity

    maximeb_unity

    Unity Technologies

    Joined:
    Mar 20, 2018
    Posts:
    144
    Hi @AndreasO,

    I'm sorry you have been having problems with self-signed certificates. The Package Manager is built on Nodejs, but does not use npm internally, so there is no .npmrc file you can use to configure this. We do have support for custom certificate authorities in a global configuration file available as of 2019.2, which is currently in alpha.
    In the meantime, one possible workaround is to use
    NODE_EXTRA_CA_CERTS
    environment variable (see https://nodejs.org/api/cli.html#cli_node_extra_ca_certs_file). I understand that it's not ideal, but that's why it's a called workaround. :)

    That's because Nodejs does not rely on system certificates, but instead incorporates hard-coded well-known CAs curated by Mozilla.
     
  4. AndreasO

    AndreasO

    Joined:
    Sep 25, 2012
    Posts:
    90
    Thanks a lot for your answer. I'll give this workaround a try. :)