Pm2: Cannot install PM2

Created on 30 Oct 2018 · 22Comments · Source: Unitech/pm2

What's going wrong?

yarn add: error An unexpected error occurred: "https://tgz.pm2.io/gkt-1.0.0.tgz: unable to verify the first certificate".
- yarn install: error An unexpected error occurred: "ENOENT: no such file or directory, open '~/yarn/.cache/v1/npm-gkt-1.0.0-405502b007f319c3f47175c4474527300f2ab5ad/.yarn-metadata.json'".

How could we reproduce this issue?

run yarn add pm2 or yarn add --ignore-optional pm2 or yarn install in a project with pm2 as dependency.

Supporting information

Node 10.2.1
NPM 5.6.0
Yarn 1.9.4
OSX 10.14

$ pm2 report

Updated

_29/Oct/2018_: Added @laurence-myers feedback

Source

yknx4

👍17 😕4 🎉1

Most helpful comment

I'm getting a slightly different error using yarn, just running "yarn install" on a project which already has the dependency specified in both package.json and yarn.lock.

error An unexpected error occurred: "ENOENT: no such file or directory, open 'C:\\Users\\*redacted*\\AppData\\Local\\Yarn\\ca
che\\v1\\npm-gkt-1.0.0-405502b007f319c3f47175c4474527300f2ab5ad\\.yarn-metadata.json'".

This is breaking CircleCI.

laurence-myers on 30 Oct 2018

👍5 😕1

All 22 comments

Same issues here

cheynewallace on 30 Oct 2018

I'm getting a slightly different error using yarn, just running "yarn install" on a project which already has the dependency specified in both package.json and yarn.lock.

error An unexpected error occurred: "ENOENT: no such file or directory, open 'C:\\Users\\*redacted*\\AppData\\Local\\Yarn\\ca
che\\v1\\npm-gkt-1.0.0-405502b007f319c3f47175c4474527300f2ab5ad\\.yarn-metadata.json'".

This is breaking CircleCI.

laurence-myers on 30 Oct 2018

👍5 😕1

Okay, as a workaround when using yarn, you can do this:

Download the dependency from here: https://tgz.pm2.io/gkt-1.0.0.tgz
Upload the dependency to a static file host of your choice. I used an AWS S3 bucket.
Override the Yarn dependency resolution in package.json:

"resolutions": {
    "gkt": "https://s3-some-region-1.amazonaws.com/somebucketname/npm/gkt-1.0.0.tgz"
  }

laurence-myers on 30 Oct 2018

Another workaround is:

Fork the pm2 repo
Remove the broken dependency from package.json

 - "optionalDependencies": {
 -   "gkt": "https://tgz.pm2.io/gkt-1.0.0.tgz"
 - }

3.- Commit and Push

Change the dependency in your package.json including the commit hash. ie "pm2": "^3.2.2" => "pm2": "yknx4/pm2#8a8f289"

yknx4 on 30 Oct 2018

Okay, as a workaround when using yarn, you can do this:

1. Download the dependency from here: https://tgz.pm2.io/gkt-1.0.0.tgz

2. Upload the dependency to a static file host of your choice. I used an AWS S3 bucket.

3. Override the Yarn dependency resolution in package.json:

"resolutions": {
    "gkt": "https://s3-some-region-1.amazonaws.com/somebucketname/npm/gkt-1.0.0.tgz"
  }

Based on #3994 this may also work.

"resolutions": {
    "gkt": "http://tgz.pm2.io/gkt-1.0.0.tgz"
  }

yknx4 on 30 Oct 2018

👍4

We have a scheduled production deploy blocked because of this issue. Thank you @yknx4 for you suggestion.

I'm really interested in to get to know what happened to cause such a major break?

rastko-florencehc on 30 Oct 2018

same here. can only reproduce using a docker container of node

`npm ERR! code UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! errno UNABLE_TO_VERIFY_LEAF_SIGNATURE
npm ERR! request to https://tgz.pm2.io/gkt-1.0.0.tgz failed, reason: unable to verify the first certificate

npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2018-10-30T04_28_16_056Z-debug.log`

camilorivera on 30 Oct 2018

👍1

Seems that their cert is expired, or something along those lines. One workaround I've found is to run the following command, before installing the pm2 package. This should be used as a temporary solution only.

yarn config set "strict-ssl" false -g

ervinb on 30 Oct 2018

👍2 🎉1

Seems that their cert is expired, or something along those lines. One workaround I've found is to run the following command, before installing the pm2 package. This should be used as a temporary solution only.
yarn config set "strict-ssl" false -g

it's work !

sptimer on 30 Oct 2018

Can anyone confirm that it's working again ? It seems that the new certificate that we installed few hours ago isn't working for everyone, i just changed it again to a lets encrypt certificate.

vmarchaud on 30 Oct 2018

🎉1

Can anyone confirm that it's working again ? It seems that the new certificate that we installed few hours ago isn't working for everyone, i just changed it again to a lets encrypt certificate.

nop still having issue.

camilorivera on 30 Oct 2018

😕1

i just changed it again to a lets encrypt certificate.

Same error 😭

error https://tgz.pm2.io/gkt-1.0.0.tgz: unable to verify the first certificate

rskull on 30 Oct 2018

i just changed it again to a lets encrypt certificate.

Same error 😭

error https://tgz.pm2.io/gkt-1.0.0.tgz: unable to verify the first certificate

Me too

sptimer on 30 Oct 2018

Could you run curl -v https://tgz.pm2.io ?

vmarchaud on 30 Oct 2018

curl -v https://tgz.pm2.io

* Rebuilt URL to: https://tgz.pm2.io/
* Hostname was NOT found in DNS cache
*   Trying 163.172.101.189...
* Connected to tgz.pm2.io (163.172.101.189) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*        subject: CN=tgz.pm2.io
*        start date: 2018-09-30 21:00:12 GMT
*        expire date: 2018-12-29 21:00:12 GMT
*        subjectAltName: tgz.pm2.io matched
*        issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*        SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.38.0
> Host: tgz.pm2.io
> Accept: */*
>
< HTTP/1.1 200 OK
* Server nginx is not blacklisted
< Server: nginx
< Date: Tue, 30 Oct 2018 07:53:17 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 10
< Connection: keep-alive
< X-Powered-By: Express
< ETag: W/"a-MOSRhagQO4Ev8fGKnRbw/rs8C0w"
< Strict-Transport-Security: max-age=0;
<
* Connection #0 to host tgz.pm2.io left intact

ausir0726 on 30 Oct 2018

🤔

❯ curl -v https://tgz.pm2.io
* Rebuilt URL to: https://tgz.pm2.io/
*   Trying 163.172.101.189...
* TCP_NODELAY set
* Connected to tgz.pm2.io (163.172.101.189) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=tgz.pm2.io
*  start date: Sep 30 21:00:12 2018 GMT
*  expire date: Dec 29 21:00:12 2018 GMT
*  subjectAltName: host "tgz.pm2.io" matched cert's "tgz.pm2.io"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: tgz.pm2.io
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 30 Oct 2018 07:53:16 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 10
< Connection: keep-alive
< X-Powered-By: Express
< ETag: W/"a-MOSRhagQO4Ev8fGKnRbw/rs8C0w"
< Strict-Transport-Security: max-age=0;
<
* Connection #0 to host tgz.pm2.io left intact
Hello sir!%

rskull on 30 Oct 2018

it works for me, now.

yarn add pm2

yarn add v1.10.1
[1/5] Validating package.json...
[2/5] Resolving packages...
[3/5] Fetching packages...
info [email protected]: The platform "linux" is incompatible with this module.
info "[email protected]" is an optional dependency and failed compatibility check. Excluding it from installation.
info [email protected]: The platform "linux" is incompatible with this module.
info "[email protected]" is an optional dependency and failed compatibility check. Excluding it from installation.
[4/5] Linking dependencies...
[5/5] Building fresh packages...
success Saved 1 new dependency.
info Direct dependencies
└─ [email protected]
info All dependencies
└─ [email protected]
Done in 15.63s.

ausir0726 on 30 Oct 2018

okay I decided to use $ yarn install --ignore-optional

koooge on 30 Oct 2018

@vmarchaud its working now.

camilorivera on 30 Oct 2018

It's working now. 👍

rskull on 30 Oct 2018

👍2

Okay so i will close the issue.
I said in another issue but i will repeat myself : we are really sorry for the inconvenience, we will make sure it doesn't happen in the future.

vmarchaud on 30 Oct 2018

😕1

Okay so i will close the issue.
I said in another issue but i will repeat myself : we are really sorry for the inconvenience, we will make sure it doesn't happen in the future.

The gkt issue is very frustrating in itself: You cannot install pm2 with a local registry without internet access, at least it's not possible with yarn (which we use for bootstrapping an application). This is much more than "inconvenience". The dependency on pm2 server is really disruptive in any way.