Self Sign Certificate Error after Ionic (Ionic Start)

Just installed Ionic 3 yesterday, and try starting a new project, under my company firewall, it gave me “Error: self signed certificate in certificate chain”.

Googled and find one solution, I don’t think it is the best, is just install “ionic@legacy”, which means downgrading ionic, doesn’t make sense right?

1 Like

@derekstwong Hi, it is just a matter of npm at your stage because whatever Linux or Windows is your company server, you just need to be able to run a npm server company wide (node.js). I guess your company firewall disabled it for obvious security reasons, a node server can run tons of things :confused:

@FrancoisIonic Thanks for your reply, is it funny that I could download Ionic 3 via npm, but couldn’t start a new project?

I have already set npm config ssl-strict=false, that’s why I could update ionic and cordova…etc.

This happens only for Ionic…so strange…:confounded:

Am I the only one that thinks this is an absolutely crazy irresponsible thing to do?

At first, I couldn’t install ionic via npm, same error existed.
From npm official forum, it claimed it is “normal” to do what I did…

I think that’s insane. You are basically executing completely untrusted code that you are getting from a random source on the Internet that may perfectly well be a poisoned trojan rootkit.

I can’t disagree with you mate, but that’s a way for me to install ionic at this moment. Anyway, should I make request to network administrator to free “something” for me in order to setup ionic project correctly?

That sort of depends on whether or not said admin is part of the problem. There are proxies that effectively MitM all of your SSL traffic, and if you’re behind one of those, and the admin thinks that’s a good thing, you’re probably best off just trying to keep a low profile.

If they aren’t so sinister, maybe you could ask them to set something up that you can config npm’s https-proxy to, preferably while batting your eyelashes and saying you’re concerned about internal network security, especially with all the ransomware floating about.

Great, but so funny that I have asked the network admin about firewall configuration, he said the firewall is controlled by outside vendor. SXXT.

Perhaps I have to find one more way until there is a way to allow the HTTPS connection for Ionic.

But, it is strange that I am “allowed” to do the same thing “ionic start” for Ionic 2, but not for “@latest”.

1 Like

My next question would be “so why are you still here?”, but then again I get fired a lot.

1 Like

What I want to know is, “why Ionic2 OK but not Ionic3”

I try to avoid “Ionic v2” and “Ionic v3” because of the complex nature of the versioning with the various parts of Ionic, but a cursory glance at the cli source leads me to believe that the v2 CLI fetches the list of starter templates via unsecured HTTP, whereas the v3 CLI uses HTTPS.

That’s what I thought, but I remember I found once v2 CLI download via https.

Anyway, you gave me a good idea for this case.

Ionic committee will not consider HTTP but MUST HTTPS. Am I right?

How you get it is different from the protocol it uses internally.

Way above my pay grade, but for all our sakes, I hope they insist on HTTPS. The npm ecosystem is fragile enough as it is.

Lemme try to find more ways then, thanks a lot.

There is a certificate installed to browsers (Chrome/Firefox). In order to get thru the https website.

Is there any way to import the certificate to Ionic so that I could do the same thing for “ionic start”?

That’s really stange… I could do nearly all things in npm (download ionic, cordova), but failed for ionic start (downloading project packages…)

Last Updated: I tried “wget” via powershell, for the failed package.

Status Code : 200, which should mean connection success…
That’s really strange that just failed in ionic start…HELP!

Quick and dirty fix:
Open a hotspot with your phone, connect to it, do whatever needs done, switch back to company network.

Also tell bosses you lost x hours of work time @ $y/hour because of this crap.

I’m really not sure about this, but I’d tend to say this is because of CORS policy is a lot more enforced in Ionic 3 (by dependencies) than Ionic 2, but really not sure.

Such a funny case that I was failed even for “ionic docs”, same self sign certificate. Well, have to say, perhaps I have to build projects at home, or outside company network till there are solutions found.

Thanks for reply.

Thanks for CORS in ionic3…