I got the correct certificate (a .crt file) from my co-worker. I did the appropriate command to add this to the Java Keystore which works well as per this command:
keytool -import -trustcacerts -alias <your_alias_name> -file <path_to_certificate_file> -keystore <JAVA_HOME>/lib/security/cacerts
Now, I can build and compile my java apps with no problem. However, we are using the 'maven-front-plugin' which is setup and we have the following commands in maven.
<executions>
<execution>
<id>install-node-and-npm</id>
<goals>
<goal>install-node-and-npm</goal>
</goals>
</execution>
<execution>
<id>npm-install</id>
<goals>
<goal>npm</goal>
</goals>
</execution>
<execution>
<id>build-frontend</id>
<goals>
<goal>npm</goal>
</goals>
<phase>prepare-package</phase>
<configuration>
<arguments>run build:development</arguments>
</configuration>
</execution>
</executions>
The first goal works great: install-node-and-npm The second goal does not: npm install And the reason this happens is because of:
[INFO] [1m--- [0;32mfrontend:1.9.1:npm[m [1m(npm-install)[m @ [36mapii[0;1m ---
[INFO] Running 'npm install' in C:\Users\thomas.holmes\git\myapp- app\myapp\src\main\frontend
[INFO] npm ERR! code UNABLE_TO_GET_ISSUER_CERT_LOCALLY
[INFO] npm ERR! errno UNABLE_TO_GET_ISSUER_CERT_LOCALLY
[INFO] npm ERR! request to https://registry.npmjs.org/zustand/-/zustand-4.5.5.tgz failed, reason: unable to get local issuer certificate
Ok, I can see what is happening, and there are a couple of issues I can do, and both are not working.
Option 1: Create a .m2/settings.file which I have done:
<profiles>
<profile>
<id>ssl-profile</id>
<properties>
<javax.net.ssl.trustStore>C:\Users\thomas.holmes\opt\jdk17.0.16_8\lib\security\cacerts</javax.net.ssl.trustStore>
<javax.net.ssl.trustStorePassword>somepwd</javax.net.ssl.trustStorePassword>
</properties>
</profile>
</profiles>
<activeProfiles>
<activeProfile>ssl-profile</activeProfile>
</activeProfiles>
</settings>
This does not work. This is the preferred option as I do NOT want this to work for all apps that I have in Eclipse.
Option 2: Use the maven build configuration to add these two items into the build process. Both of these should have the same exact effect.
I've gone out to my command prompt in Windows, and I did the following: mvn clean install -U -Djavax.net.ssl.trustStore="c:\Users\thomas.holmes\opt\jdk17.0.16_8\lib\security\cacerts" -Djavax.net.ssl.trustStorePassword=changeit and no luck.
So then I tried this at the command line: set NODE_EXTRA_CA_CERTS="c:\Users\thomas.holmes\opt\jdk17.0.16_8\lib\security\cacerts" I wasn't sure if this should actually point to the original .crt file I was given. So, in trying this, I got this error message
Warning: Ignoring extra certs from `"c:\Users\thomas.holmes\opt\jdk17.0.16_8\lib\security\cacerts"`, load failed: error:8000007B:system library::no protocol option
and then I also got again:
[INFO] npm ERR! code UNABLE_TO_GET_ISSUER_CERT_LOCALLY
[INFO] npm ERR! errno UNABLE_TO_GET_ISSUER_CERT_LOCALLY
So, I feel like I have tried a ton of things, and it's not being resolved. I have googled this like crazy, and I can't see anything that fixes this yet.
Please let me know if I can provide any more information.
This problem was on Windows 11 and running Spring Tool Suite (STS). There are two steps:
Step 1: This variable only works with a PEM file and not a cacerts and not the .crt file. You can convert from one to the other, which is what I did. So, now I have a .crt file originally, and now a .pem file.
Step 2: I went into my System environment variables and I added a variable 'NODE_EXTRA_CA_CERTS' and then pointed that to the new .pem file which I create from the .crt file.
This solved my problem. I know there are probably other ways to solve this issue, but this worked for me, so I'll stick with it for now until someone can make this easier.