How to overcome this situation in such scenarios:

ARTIFACTORY: Why am I observing “unsafe legacy renegotiation disabled” during NPM install?

AuthorFullName__c
Janardhana JL
articleNumber
000005766
ft:sourceType
Salesforce
FirstPublishedDate
2023-06-07T06:46:05Z
lastModifiedDate
2023-06-06
VersionNumber
1
1. Downgrading the node version to 16.x and below, since node 17 and above, removed the OpenSSL option to accept legacy servers. We can also see a similar example here.

2. The above error message suggests that there is an issue with SSL renegotiation between the Node/NPM client, OPENSSL, and the Load balancer when the request is trying to reach the Artifactory server. In most of the cases, we could see that the request would not reach the Artifactory and gets terminated at the Proxy/Load balancer level, and at the NPM client output we could notice the error "SSL routines:final_renegotiate: unsafe legacy renegotiation disabled at the client side ". If you are using any firewall/VPN, allowing renegotiation would help (for example: Allowing renegotiation at the Netscaler for the endpoint or SSL negotiation configuration of your Load Balancer side (for example AWS LB SSL config), would help in fixing the issue. Similar use cases have been discussed here in the Github issues.

3. You could also refer to this External Article for a few suggestions. Try to add the certificate at the NPM and node level and set the Flag "export NODE_TLS_REJECT_UNAUTHORIZED=0" and check if that helps in overcoming the behavior.

4. This error can also often be caused by using an outdated version of the OpenSSL library. To resolve this issue, you can try upgrading OpenSSL on the client side to a newer version that supports the TLS renegotiation protocol.