cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon npm

[BUG] npm v8.5.0 fails with sslv3 alert handshake failure, for client certificate based authentication

Open 767267 opened this issue 3 years ago • 0 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

This issue exists in the latest npm version

  • [ ] I am using the latest npm

Current Behavior

We have an Organization base Artifactory setup which has a Client-certificate based authentication and the then user level authentication enabled.

Recently after the update of npm to v8.5.0, the npm starting failing while connecting to the the artifactory repository.

Following error message is displayed:


npm ERR! code EPROTO
npm ERR! syscall write
npm ERR! errno EPROTO
npm ERR! request to https://mycompany.com/artifactory/api/npm/pvh-platform-npm/npm          failed, reason: write EPROTO 3848:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:c:\ws\deps\openssl\openssl\ssl\record\rec_layer_s3.c:1546:SSL alert number 40
npm ERR!

Note: The artifactory url is accessible from the system via any browser. And the client-certificate is configured in the Windows Credentials Manager.

Expected Behavior

It should be able to correctly perform the ssl handshake and continue based on the certificate provided in the Windows Credentails manager.

Steps To Reproduce

On server: Setup artifactory with client certificate authentication, plus user and password access. On client: Setup the client certificate in the windows credentials manager for the artifactory domain name, and then try accessing the artifactory using npm.

Environment

npm: '8.5.0', node: '16.14.2', v8: '9.4.146.24-node.20', uv: '1.43.0', zlib: '1.2.11', brotli: '1.0.9', ares: '1.18.1', modules: '93', nghttp2: '1.45.1', napi: '8', llhttp: '6.0.4', openssl: '1.1.1n+quic', cldr: '40.0', icu: '70.1', tz: '2021a3', unicode: '14.0', ngtcp2: '0.1.0-DEV', nghttp3: '0.1.0-DEV'

; "builtin" config from C:\Program Files\nodejs\node_modules\npm\npmrc

prefix = "C:\\Users\\myuser\\AppData\\Roaming\\npm"

; "user" config from C:\Users\myuser\.npmrc

//mycompany.com/artifactory/api/npm/pvh-platform-npm/:_password = (protected)
//mycompany.com/artifactory/api/npm/pvh-platform-npm/:username = "320190977"
; always-auth = false ; overridden by project
; email = "[email protected]" ; overridden by project
; registry = "https://mycomany.com/artifactory/api/npm/pvh-platform-npm/" ; overridden by project
strict-ssl = true

; "project" config from D:\wwwroot\mengage\.npmrc

_auth = (protected)
always-auth = true
email = "[email protected]"
registry = "https://mycompany.com/artifactory/api/npm/pvh-platform-npm/"

; node bin location = C:\Program Files\nodejs\node.exe
; cwd = D:\wwwroot\mengage
; HOME = C:\Users\user1
; Run `npm config ls -l` to show all defaults.

767267 avatar Jul 14 '22 05:07 767267