How to refresh bower package certificate? – Bower

The Problem:

The build process for a Docker container fails with the error ‘certificate has expired’ when attempting to install a Bower package. The issue has recently surfaced despite the build process working successfully for an extended period. The objective is to find a way to refresh or update the missing certificate to resolve the error and allow the build to complete successfully.

The Solutions:

Solution 1: Refreshing Bower Package Certificate

To refresh the Bower package certificate, locate the “.bowerrc” file in your project directory and add the following lines to it:

"strict-ssl": false,
"https-proxy": "",

This approach is a workaround and not considered best practice. However, it can be useful when dealing with outdated Bower plugins or using Bower as a whole, which is also not considered best practice.

Solution 2: Workarounds for expired certificates

In the case of using older Debian distributions like those in `node:6` and `node:4` Docker images, the letsencrypt certificate of registry.bower.io might have expired. To work around this issue:

For node:6 / Debian Stretch:

1. Remove the expired letsencrypt X3 certificate and install the new ISRG X1 root CA:

   # manually remove expired letsencrypt X3 certificate and install the new ISRG X1 root CA 
   RUN mkdir -p /usr/share/ca-certificates/letsencrypt/ \
     && cd /usr/share/ca-certificates/letsencrypt/ \
     && curl -kLO https://letsencrypt.org/certs/isrgrootx1.pem \
     && perl -i.bak -pe 's/^(mozilla\/DST_Root_CA_X3.crt)/!$1/g' /etc/ca-certificates.conf \
     && update-ca-certificates
   

2. Instruct bower to use the system-wide CA system:

   RUN NODE_OPTIONS=--use-openssl-ca bower install ...
   

For node:4 / Debian Jessie:

Since it’s not possible to force this older npm version to use openssl-ca, disable SSL checking instead:

RUN <<EOR
cat <<EOF > .bowerrc
{
  "registry": "https://registry.bower.io",
  "strict-ssl": false,
  "https-proxy": "" 
}
EOF
EOR

Solution 3: Point to newer registry in `.bowerrc`

The error message indicates that the certificate used by the Bower registry has expired. To resolve this issue, you can update the registry URL in your `.bowerrc` file to point to a newer registry.

 {
  "directory": "bower_components",
  "registry": "https://bower.herokuapp.com"
}

Solution 4: Remove old bower-cache

Usually this error occurs due to mismatch between the dependency version in the project and the version present in the bower-cache. Follow this step to resolve the issue:

1. Delete the bower-cache:

   rm -rf ~/.bower/cache

2. Update bower version:

   npm install -g bower 

3. Re-run the bower install command:

   bower install  --allow-root

4. Check for the updated Bower cache:

   ls ~/.bower/cache

Note: Use bower list to check what packages you have installed in bower.

**Solution 1**
Input
“`

Request bata=”out ”

Q&A

How to refresh a missing certificate?

—

Add this to your Dockerfile, just before you are doing the bower install as a workaround:

An alternative method to refresh certificate?

—

bower install still works for newer versions of node. From what I noticed, the certificate stopped working for the version 6, 7 and 8.

Where to find the git url for all bower packages?

—

https://registry.bower.io/packages

Video Explanation: