我只是有我的份额与npm和代理设置的斗争，因为我不喜欢其他的答案，我喜欢分享我认为这个问题应该如何解决(妥协安全不是一个选项)。

医生怎么说

首先，你必须了解npm中与代理相关的重要设置:

proxy A proxy to use for outgoing http requests. If the HTTP_PROXY or http_proxy environment variables are set, proxy settings will be honored by the underlying request library. https-proxy A proxy to use for outgoing https requests. If the HTTPS_PROXY or https_proxy or HTTP_PROXY or http_proxy environment variables are set, proxy settings will be honored by the underlying request library. noproxy A comma-separated string or an array of domain extensions that a proxy should not be used for. cafile A path to a file containing one or multiple Certificate Authority signing certificates. Similar to the ca setting, but allows for multiple CA's, as well as for the CA information to be stored in a file on disk.

现在，由于代理的默认值，http -proxy是基于环境变量的，建议正确配置这些变量，以便其他工具也可以工作(如curl)。

请注意，对于v6版本的noproxy文档，没有提到任何关于环境变量的内容，而自从v7版本开始，NO_PROXY环境变量就被提到了。我的环境中 没有配置为验证此变量如何工作(如果覆盖小写版本)。

合适的配置

现在我正在配置docker image，它应该在代理后面使用，在Dockerfile中需要这些条目:

COPY certs/PoroxyCertificate.crt /usr/local/share/ca-certificates/
COPY certs/RootCa.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates
# here all tools like curl were working

RUN  ["/bin/bash", "-c", "set -o pipefail && curl -sSL https://deb.nodesource.com/setup_14.x  |  bash -"]
RUN apt-get -y update && apt-get install -y nodejs
RUN npm config set cafile /etc/ssl/certs/ca-certificates.crt -g

有趣的是，我需要两个证书文件。还。crt是所有公司服务器的自签名证书和PoroxyCertificate。crt包含该证书，但它还有一个额外的中间SubCA证书。代理响应长度为3的证书链。

现在update-ca-certificates扫描目录/usr/local/share/ca-certificates/寻找新的证书，并更新/etc/ssl/certs/ca-certificates。CRT将包含比那些自定义证书更多的内容。

提供这个/etc/ssl/certs/ca-certificates。CRT到NPM配置文件解决了使用代理时证书的所有问题。

重要提示

npm v6的证书错误经常会导致npm ERR!最大调用堆栈大小超过了什么是非常令人困惑的(我甚至故意破坏证书来验证这个问题)，日志文件包含如下内容:

RangeError: Maximum call stack size exceeded
    at isDepOptional (/usr/lib/node_modules/npm/lib/install/deps.js:417:24)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:441:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)
    at failedDependency (/usr/lib/node_modules/npm/lib/install/deps.js:457:9)

我发现了一些关于这方面的问题，但这不会在v6中被修复。

npm config set proxy <http://...>:<port_number>
npm config set registry http://registry.npmjs.org/

这解决了我的问题。

在cmd或GIT Bash或其他提示符下使用以下命令

$ NPM配置代理http://192.168.1.101:4128

$ NPM配置http -proxy http://192.168.1.101:4128

其中192.168.1.101为代理IP, 4128为端口。根据您的代理设置进行更改。这对我很有用。

在curl的页面上有关于SSL和证书问题的很好的信息。 我的大部分答案都是基于那里的信息。

使用strict-ssl false是不好的做法，可能会产生问题。我们可以做的是添加由“中间人”证书注入的证书。

如何在Windows上解决这个问题:

Download the CA Certificates from curl based on Mozilla's CA bundle. You can also use curl's "firefox-db2pem.sh" shellscript to convert your local Firefox database. Go to a webpage using https, for example Stackoverflow in Chrome or Internet Explorer Click the lock icon, click View certificates or "Valid" in Chrome Navigate to the Certification path. The top certificate, or the root certificate is the one we want to extract. Click that certificate and then "view certificate" Click the second tab, "Details". Click "Copy to file". Pick the DER format and make note of where you save the file. Pick a suitable filename, like rootcert.cer If you have Git installed you will have openssl.exe. Otherwise, install git for windows at this stage. Most likely the openssl executable will be at C:\Program Files\git\usr\bin\openssl.exe. We will use openssl to convert the file to the PEM format we need for NPM to understand it. Convert the file you saved in step 5 by using this command: openssl x509 -inform DES -in **rootcert**.cer -out outcert.pem -text where rootcert is the filename of the certificate you saved in step 5. Open the outcert.pem in a text-editor smart enough to understand line-endings, so not notepad. Find -----BEGIN CERTIFICATE----- lots of characters -----END CERTIFICATE----- and copy all text between them and also including the BEGIN / END lines Now we will paste that content to the end of the CA Cert bundle made in step 1. So open the cacert.pem in your advanced texteditor. Go to the end of the file and paste the content from previous step to the end of file. (Preserve the empty line below what you just pasted) Copy the saved cabundle.pem to a suitable place. Eg your %userprofile% or ~. Make note of the location of the file. Now we will tell npm/yarn to use the new bundle. In a commandline, write npm config set cafile **C:\Users\username\cacert.pem** where C:\Users\username\cacert.pem is the path from step 10. Optionally: turn on strict-ssl again, npm config set strict-ssl true

唷!我们成功了!现在npm可以理解如何连接了。额外的好处是，您可以告诉curl使用相同的cabundle。pem，它也能理解HTTPs。

对于这个问题，上面有很多答案，但没有一个对我有用。他们都提到要添加http://前缀。所以我也加了进去。都失败了。

它终于工作后，我不小心删除了http://前缀。最终配置如下:

npm config set registry http://registry.npmjs.org/
npm config set http-proxy ip:port
npm config set https-proxy ip:port
npm config set proxy ip:port
npm set strict-ssl false

我不知道这背后的逻辑，但它奏效了。如果以上答案都不适合你，也许你可以试试这种方法。希望这个对你有用。

要设置http代理，请设置-g标志:

Sudo NPM配置代理http://proxy_host:port -g

对于https代理，再次确保设置了-g标志:

Sudo NPM配置http -proxy http://proxy_host:port -g