unable to verify first certificate

[CaptainComeback]

Hello,
I get this error when I try to use the package manager. unable to verify first certificate. I checked online and I saw that some people had the same problem with atom though that solution did not work for me. I am using this with Mac OS. I have installed shell commands and I was able to run this ppm config set strict-ssl false I also ran this ppm config set NODE_TLS_REJECT_UNAUTHORIZED 0 and it did not help. I get the same error. is there a way to install a trusted root certificate? I think I figured it out. Just uploaded your Program to virus Total and its flagged as Hoax.JS.ExtMsg.a

[confused-Techie]

Sorry for not answering sooner. But what your describing are two very separate issues. The flag on virus total is not related to the certificate issue within PPM.

If you'd like to read more about why there's a warning on virus total take a look here. But TLDR, a dependency of a dependency on installation prints a message in Russian, calling for peace. Because of current world events. For some reason this call for peace is being flagged as malicious behavior in some tools virus total uses. You can read more about what HOAX.JS.MSG actually means here. Which confirms that it's because of, in Kaspersky's own words "...undeclared functionality that displays certain messages, which is triggered depending on the time zone."
So I assure you nothing within Pulsar itself is actually malicious, but I understand the warning is concerning.

But it is interesting that ppm config set strict-ssl false didn't work for you. Do you happen to use NPM at all? Is that working for you with any special configuration? Since ppm uses an older version of NPM internally so that may provide us an answer here

[CaptainComeback]

I do not use NPM I was just reading around and trying everything I could. Thanks for explaining the Virus total false positive. I was starting to think the worst when I could not get it anything to work. So that’s the only hope in getting this to work is turning strict ssl off?  Thanks for the reply and I apologize for thinking the worst.Sent from my iPhoneOn Jun 25, 2023, at 5:09 PM, confused_techie ***@***.***> wrote: Sorry for not answering sooner. But what your describing are two very separate issues. The flag on virus total is not related to the certificate issue within PPM. If you'd like to read more about why there's a warning on virus total take a look here. But TLDR, a dependency of a dependency on installation prints a message in Russian, calling for peace. Because of current world events. For some reason this call for peace is being flagged as malicious behavior in some tools virus total uses. You can read more about what HOAX.JS.MSG actually means here. Which confirms that it's because of, in Kaspersky's own words "...undeclared functionality that displays certain messages, which is triggered depending on the time zone." So I assure you nothing within Pulsar itself is actually malicious, but I understand the warning is concerning. But it is interesting that ppm config set strict-ssl false didn't work for you. Do you happen to use NPM at all? Is that working for you with any special configuration? Since ppm uses an older version of NPM internally so that may provide us an answer here —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: ***@***.***>

[confused-Techie]

No worries, I totally understand the concern about getting an alert from a virus scanner.

But that's all I'm aware of that could be done to resolve that issue. But I'm sure there's gotta be something else we can do to get it working.

Are you aware of why you are having SSL errors in the first place? Are you using some kind of VPN, or at a workplace that's providing it's own SSL certificates to decrypt traffic? PPM does support setting up a proxy, if that's something that could work for you?

[CaptainComeback]

Yes you are correct there is a root SSL certificate that is not being recognized and that’s why I tried the NPN command to see if I could reference the certificate as a trusted one. When I ran that command it appeared to run though when I tried to install I got errors again.  I will retrace my steps and send you the output as soon as I get to my computer.Sent from my iPhoneOn Jun 25, 2023, at 7:27 PM, confused_techie ***@***.***> wrote: No worries, I totally understand the concern about getting an alert from a virus scanner. But that's all I'm aware of that could be done to resolve that issue. But I'm sure there's gotta be something else we can do to get it working. Are you aware of why you are having SSL errors in the first place? Are you using some kind of VPN, or at a workplace that's providing it's own SSL certificates to decrypt traffic? PPM does support setting up a proxy, if that's something that could work for you? —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: ***@***.***>

[CaptainComeback]

Hello Here is the error I get and I did a fresh install and did the   ppm config set strict-ssl false   command  from the terminal. I really appreciate you helping me out.(node:1201) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.(Use `node --trace-warnings ...` to show where the warning was created)npm ERR! cb() never called!npm ERR! This is an error with npm itself. Please report this error at:npm ERR!     <https://npm.community>Sent from my iPhoneOn Jun 25, 2023, at 8:00 PM, ***@***.***> wrote:Yes you are correct there is a root SSL certificate that is not being recognized and that’s why I tried the NPN command to see if I could reference the certificate as a trusted one. When I ran that command it appeared to run though when I tried to install I got errors again.  I will retrace my steps and send you the output as soon as I get to my computer.Sent from my iPhoneOn Jun 25, 2023, at 7:27 PM, confused_techie ***@***.***> wrote: No worries, I totally understand the concern about getting an alert from a virus scanner. But that's all I'm aware of that could be done to resolve that issue. But I'm sure there's gotta be something else we can do to get it working. Are you aware of why you are having SSL errors in the first place? Are you using some kind of VPN, or at a workplace that's providing it's own SSL certificates to decrypt traffic? PPM does support setting up a proxy, if that's something that could work for you? —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: ***@***.***>

[CaptainComeback]

The irony of all of this is it says to find more information about the error at https://npm.communityWhen I try to go there I get an SSL error in my browser as well. Sent from my iPhoneOn Jun 25, 2023, at 8:29 PM, ***@***.***> wrote:Hello Here is the error I get and I did a fresh install and did the   ppm config set strict-ssl false   command  from the terminal. I really appreciate you helping me out.(node:1201) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.(Use `node --trace-warnings ...` to show where the warning was created)npm ERR! cb() never called!npm ERR! This is an error with npm itself. Please report this error at:npm ERR!     <https://npm.community>Sent from my iPhoneOn Jun 25, 2023, at 8:00 PM, ***@***.***> wrote:Yes you are correct there is a root SSL certificate that is not being recognized and that’s why I tried the NPN command to see if I could reference the certificate as a trusted one. When I ran that command it appeared to run though when I tried to install I got errors again.  I will retrace my steps and send you the output as soon as I get to my computer.Sent from my iPhoneOn Jun 25, 2023, at 7:27 PM, confused_techie ***@***.***> wrote: No worries, I totally understand the concern about getting an alert from a virus scanner. But that's all I'm aware of that could be done to resolve that issue. But I'm sure there's gotta be something else we can do to get it working. Are you aware of why you are having SSL errors in the first place? Are you using some kind of VPN, or at a workplace that's providing it's own SSL certificates to decrypt traffic? PPM does support setting up a proxy, if that's something that could work for you? —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: ***@***.***>

[confused-Techie]

On thing I'd like to clarify, when you get this error, is it during installation? Or when you attempt to modify the settings?

[CaptainComeback]

[confused-Techie]

Interesting that nearly every HTTP request actually ends in 200. So it seems the requests are getting through, but that there may be a bug within PPM or NPM itself, that's being reported. I'll look into it to see if I can find where that's being created from. And just to double check, what version of Pulsar are you using?

Also for future reference if you need to show code or logs like this, it can make things much more readable to use backticks, like so:

'/Applications/Pulsar.app/Contents/Resources/app/ppm/bin/node',1 verbose cli
'/Applications/Pulsar.app/Contents/Resources/app/ppm/node_modules/npm/bin/npm-cli.js',1 verbose cli   '--globalconfig',1
verbose cli   '/Users/******/.pulsar/.apm/.apmrc',1 verbose cli

[CaptainComeback]

I also can run this command without an error ppm config set cafile <path_to_file> I was hoping it worked but I did not get the result I was hoping for. Thank you very much for your time and help with this problem. Have a good day. Sorry for sending the sending the log like that. I was replying via email on my phone.

[CaptainComeback]

0 info it worked if it ends with ok
1 verbose cli [
1 verbose cli   '/Applications/Pulsar.app/Contents/Resources/app/ppm/bin/node',
1 verbose cli   '/Applications/Pulsar.app/Contents/Resources/app/ppm/node_modules/npm/bin/npm-cli.js',
1 verbose cli   '--globalconfig',
1 verbose cli   '/Users/******/.pulsar/.apm/.apmrc',
1 verbose cli   '--userconfig',
1 verbose cli   '/Users/******/.pulsar/.apmrc',
1 verbose cli   'install',
1 verbose cli   'https://api.pulsar-edit.dev/api/packages/pulsar-ide-python/versions/1.10.1/tarball',
1 verbose cli   '--target=12.2.3',
1 verbose cli   '--disturl=https://artifacts.electronjs.org/headers/dist',
1 verbose cli   '--arch=x64',
1 verbose cli   '--global-style'
1 verbose cli ]
2 info using [email protected]
3 info using [email protected]
4 verbose npm-session fa8ed1456ca4a8f4
5 silly install loadCurrentTree
6 silly install readLocalPackageData
7 http fetch GET 200 https://codeload.github.com/mjrodgers/pulsar-ide-python/legacy.tar.gz/refs/tags/v1.10.1 1141ms
8 silly pacote remote manifest for undefined@https://api.pulsar-edit.dev/api/packages/pulsar-ide-python/versions/1.10.1/tarball fetched in 1154ms
9 timing stage:loadCurrentTree Completed in 1172ms
10 silly install loadIdealTree
11 silly install cloneCurrentTreeToIdealTree
12 timing stage:loadIdealTree:cloneCurrentTree Completed in 0ms
13 silly install loadShrinkwrap
14 timing stage:loadIdealTree:loadShrinkwrap Completed in 0ms
15 silly install loadAllDepsIntoIdealTree
16 silly resolveWithNewModule [email protected] checking installable status
17 http fetch GET 200 https://registry.npmjs.org/which 340ms
18 http fetch GET 200 https://registry.npmjs.org/which/-/which-2.0.2.tgz 108ms
19 silly pacote range manifest for which@^2.0.2 fetched in 455ms
20 silly resolveWithNewModule [email protected] checking installable status
21 http fetch GET 200 https://registry.npmjs.org/atom-languageclient 840ms
22 http fetch GET 200 https://registry.npmjs.org/atom-languageclient/-/atom-languageclient-1.16.1.tgz 1361ms
23 silly pacote range manifest for atom-languageclient@^1.14.1 fetched in 2208ms
24 silly resolveWithNewModule [email protected] checking installable status
25 http fetch GET 200 https://registry.npmjs.org/@types%2frimraf 123ms
26 http fetch GET 200 https://registry.npmjs.org/@types/rimraf/-/rimraf-3.0.2.tgz 130ms
27 silly pacote range manifest for @types/rimraf@^3.0.1 fetched in 259ms
28 silly resolveWithNewModule @types/[email protected] checking installable status
29 http fetch GET 200 https://registry.npmjs.org/rimraf 282ms
30 http fetch GET 200 https://registry.npmjs.org/vscode-languageserver-types 306ms
31 http fetch GET 200 https://registry.npmjs.org/vscode-languageserver-protocol 354ms
32 http fetch GET 200 https://registry.npmjs.org/atom-ide-base 386ms
33 http fetch GET 200 https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz 121ms
34 silly pacote range manifest for rimraf@^3.0.2 fetched in 408ms
35 silly resolveWithNewModule [email protected] checking installable status
36 http fetch GET 200 https://registry.npmjs.org/zadeh 462ms
37 http fetch GET 200 https://registry.npmjs.org/vscode-languageserver-types/-/vscode-languageserver-types-3.16.0.tgz 232ms
38 silly pacote version manifest for [email protected] fetched in 543ms
39 silly resolveWithNewModule [email protected] checking installable status
40 http fetch GET 200 https://registry.npmjs.org/vscode-jsonrpc 555ms
41 http fetch GET 200 https://registry.npmjs.org/vscode-languageserver-protocol/-/vscode-languageserver-protocol-3.16.0.tgz 457ms
42 silly pacote version manifest for [email protected] fetched in 816ms
43 silly resolveWithNewModule [email protected] checking installable status
44 http fetch GET 200 https://registry.npmjs.org/vscode-jsonrpc/-/vscode-jsonrpc-6.0.0.tgz 379ms
45 http fetch GET 200 https://registry.npmjs.org/atom-ide-base/-/atom-ide-base-3.3.0.tgz 550ms
46 silly pacote version manifest for [email protected] fetched in 943ms
47 silly resolveWithNewModule [email protected] checking installable status
48 silly pacote range manifest for atom-ide-base@^3.3.0 fetched in 945ms
49 silly resolveWithNewModule [email protected] checking installable status
50 timing npm Completed in 6939ms
51 error cb() never called!
52 error This is an error with npm itself. Please report this error at:
53 error <https://npm.community>

[CaptainComeback]

I am using version Pulsar-1.106.2023062117