Troubleshooting the Fluent CLI

Symptom: Error during the CLI installation

When installing Fluent CLI, the `npm install` command fails due to an HTTPS certificate issue.

1npm install -g https://downloads.fluentcommerce.com/v1.0.0/fluent-cli/release/latest
2npm error code UNABLE_TO_GET_ISSUER_CERT_LOCALLY

The most common root cause on corporate laptops is that there is a security mechanism in place - like a locally installed agent or proxy - that decrypts the traffic from the official Fluent Download Server in order to inspect the contents and then re-encrypts the traffic before sending it to NPM. The encryption then is with a different certificate, one that NPM does not have access to. 

While this means that the downloaded contents from the Fluent Download Server may have been tempered with, given that this interception and inspection is a required corporate security step, it will need to be accepted and worked around on a case-by-case basis.

Note that you will also encounter the same root cause when running the Fluent CLI. See the next FAQ entry for a resolution!

Resolution: Disable SSL verification globally for all Node.js applications using npm

Run the following command and then re-execute the installation step `npm install ...`

1npm config set strict-ssl false

Make sure to turn back on the certificate validation when done with the installation!

Issue: AxiosError when running the Fluent CLI command

When executing a Fluent CLI command, it fails with a `API Error: AxiosError`

1fluent module config order --retailer b2c --profile cli-b2c
2error: Got error: unable to get local issuer certificate (UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
3error: Could not download module, exiting

This is a continuation of the symptom you will have encountered when installing the Fluent CLI.

The most common root cause on corporate laptops is that there is a security mechanism in place - like a locally installed agent or proxy - that decrypts the traffic from the official Fluent Download Server in order to inspect the contents and then re-encrypts the traffic before sending it to NPM. The encryption then is with a different certificate, one that NPM does not have access to. 

While this means that the downloaded contents from the Fluent Download Server may have been tempered with, given that this interception and inspection is a required corporate security step, it will need to be accepted and worked around on a case-by-case basis.

Resolution: Disable certificate validation for HTTPS connections

Add the `NODE_TLS_REJECT_UNAUTHORIZED` environment variable and then re-execute the Fluent CLI command. 

1set NODE_TLS_REJECT_UNAUTHORIZED=0  # Windowns
2# --or--
3export NODE_TLS_REJECT_UNAUTHORIZED=0  # Linux / Mac

This setting disables the SSL certificate checks for the current terminal session. Given the potential security impact it is recommended to use this setting selectively.