diff --git a/.changeset/cool-pugs-reply.md b/.changeset/cool-pugs-reply.md
new file mode 100644
index 0000000000..2777b97b80
--- /dev/null
+++ b/.changeset/cool-pugs-reply.md
@@ -0,0 +1,6 @@
+---
+"supi": patch
+---
+
+Fix a regression introduced in pnpm v5.0.0.
+Create correct lockfile when the package tarball is hosted not under the registry domain.
diff --git a/packages/supi/package.json b/packages/supi/package.json
index 23d66f0cd7..6e8bb4861a 100644
--- a/packages/supi/package.json
+++ b/packages/supi/package.json
@@ -103,6 +103,7 @@
     "is-ci": "2.0.0",
     "is-windows": "1.0.2",
     "ncp": "2.0.0",
+    "nock": "^12.0.3",
     "npm-run-all": "4.1.5",
     "path-exists": "4.0.0",
     "path-name": "1.0.0",
diff --git a/packages/supi/src/install/lockfile.ts b/packages/supi/src/install/lockfile.ts
index f2269afb4e..12ec01ea6e 100644
--- a/packages/supi/src/install/lockfile.ts
+++ b/packages/supi/src/install/lockfile.ts
@@ -18,7 +18,7 @@ export function depPathToRef (
   if (depPath.startsWith(`${registryName}/`) && !depPath.includes('/-/')) {
     depPath = depPath.replace(`${registryName}/`, '/')
   }
-  if (opts.alias === opts.realName) {
+  if (depPath[0] === '/' && opts.alias === opts.realName) {
     const ref = depPath.replace(`/${opts.realName}/`, '')
     if (!ref.includes('/')) return ref
   }
diff --git a/packages/supi/test/lockfile.ts b/packages/supi/test/lockfile.ts
index 520ebacc56..cb42f017e5 100644
--- a/packages/supi/test/lockfile.ts
+++ b/packages/supi/test/lockfile.ts
@@ -7,7 +7,9 @@ import { fromDir as readPackageJsonFromDir } from '@pnpm/read-package-json'
 import { getIntegrity, REGISTRY_MOCK_PORT } from '@pnpm/registry-mock'
 import { ProjectManifest } from '@pnpm/types'
 import rimraf = require('@zkochan/rimraf')
+import loadJsonFile = require('load-json-file')
 import fs = require('mz/fs')
+import nock = require('nock')
 import path = require('path')
 import exists = require('path-exists')
 import R = require('ramda')
@@ -1128,3 +1130,58 @@ test('broken lockfile is fixed even if it seems like up-to-date at first. Unless
   const lockfile = await project.readLockfile()
   t.ok(lockfile.packages['/dep-of-pkg-with-1-dep/100.0.0'])
 })
+
+const REGISTRY_MIRROR_DIR = path.join(__dirname, '../../../registry-mirror')
+
+// tslint:disable:no-any
+const isPositiveMeta = loadJsonFile.sync<any>(path.join(REGISTRY_MIRROR_DIR, 'is-positive.json'))
+// tslint:enable:no-any
+const tarballPath = path.join(REGISTRY_MIRROR_DIR, 'is-positive-3.1.0.tgz')
+
+test('tarball domain differs from registry domain', async (t: tape.Test) => {
+  nock('https://registry.example.com', { allowUnmocked: true })
+    .get('/is-positive')
+    .reply(200, isPositiveMeta)
+
+  nock('https://registry.npmjs.org', { allowUnmocked: true })
+    .get('/is-positive/-/is-positive-3.1.0.tgz')
+    .replyWithFile(200, tarballPath)
+
+  const project = prepareEmpty(t)
+
+  await addDependenciesToPackage({},
+    [
+      'is-positive',
+    ], await testDefaults({
+      fastUnpack: false,
+      lockfileOnly: true,
+      registries: {
+        default: 'https://registry.example.com',
+      },
+      save: true,
+    })
+  )
+
+  const lockfile = await project.readLockfile()
+
+  t.deepEqual(lockfile, {
+    dependencies: {
+      'is-positive': 'registry.npmjs.org/is-positive/3.1.0',
+    },
+    lockfileVersion: LOCKFILE_VERSION,
+    packages: {
+      'registry.npmjs.org/is-positive/3.1.0': {
+        dev: false,
+        engines: { node: '>=0.10.0' },
+        name: 'is-positive',
+        resolution: {
+          integrity: 'sha1-hX21hKG6XRyymAUn/DtsQ103sP0=',
+          registry: 'https://registry.example.com/',
+          tarball: 'https://registry.npmjs.org/is-positive/-/is-positive-3.1.0.tgz',
+        },
+        version: '3.1.0',
+      },
+    },
+    specifiers: { 'is-positive': '^3.1.0' },
+  })
+})
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 6c05876b89..f71d08a1ec 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -2640,6 +2640,7 @@ importers:
       is-ci: 2.0.0
       is-windows: 1.0.2
       ncp: 2.0.0
+      nock: 12.0.3
       npm-run-all: 4.1.5
       path-exists: 4.0.0
       path-name: 1.0.0
@@ -2727,6 +2728,7 @@ importers:
       load-json-file: 6.2.0
       mz: 2.7.0
       ncp: 2.0.0
+      nock: ^12.0.3
       normalize-path: 3.0.0
       npm-run-all: 4.1.5
       p-every: 2.0.0
diff --git a/registry-mirror/is-positive-3.1.0.tgz b/registry-mirror/is-positive-3.1.0.tgz
new file mode 100644
index 0000000000..a1e2a48220
Binary files /dev/null and b/registry-mirror/is-positive-3.1.0.tgz differ
diff --git a/registry-mirror/is-positive.json b/registry-mirror/is-positive.json
new file mode 100644
index 0000000000..3e8b9260d1
--- /dev/null
+++ b/registry-mirror/is-positive.json
@@ -0,0 +1,78 @@
+{
+  "versions": {
+      "1.0.0": {
+          "name": "is-positive",
+          "version": "1.0.0",
+          "devDependencies": {
+              "ava": "^0.0.4"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "integrity": "sha512-9cI+DmhNhA8ioT/3EJFnt0s1yehnAECyIOXdT+2uQGzcEEBaj8oNmVWj33+ZjPndMIFRQh8JeJlEu1uv5/J7pQ==",
+              "shasum": "88009856b64a2f1eb7d8bb0179418424ae0452cb",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-1.0.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      },
+      "2.0.0": {
+          "name": "is-positive",
+          "version": "2.0.0",
+          "devDependencies": {
+              "ava": "^0.0.4"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "integrity": "sha512-K+obMwRFQAMZb54Jia82SjPdOyBQ4UX8DSowwWCVhzwJOnAxZZ7UsAEI8sH2R6GhFI9efNeH3VGgOLPdzkMTaA==",
+              "shasum": "b14f06bd2db810ae6c8b12741d136bfaef0d87bd",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-2.0.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      },
+      "3.0.0": {
+          "name": "is-positive",
+          "version": "3.0.0",
+          "devDependencies": {
+              "ava": "^0.0.4"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "integrity": "sha512-k1fsSAMxK5AjqPB45vXZrojz/UvY+BMSut1nrFBv5MM7uBIrncljDKEElsem5yEkFGxIiRpbCwgaMvny+85DsQ==",
+              "shasum": "8ef0ee22f7ce24f7633f8908030ec48b62acf4a3",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-3.0.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      },
+      "3.1.0": {
+          "name": "is-positive",
+          "version": "3.1.0",
+          "devDependencies": {
+              "ava": "*",
+              "xo": "*"
+          },
+          "_hasShrinkwrap": false,
+          "directories": {},
+          "dist": {
+              "shasum": "857db584a1ba5d1cb2980527fc3b6c435d37b0fd",
+              "tarball": "https://registry.npmjs.org/is-positive/-/is-positive-3.1.0.tgz"
+          },
+          "engines": {
+              "node": ">=0.10.0"
+          }
+      }
+  },
+  "name": "is-positive",
+  "dist-tags": {
+      "stable": "3.0.0",
+      "latest": "3.1.0"
+  },
+  "modified": "2017-08-17T19:26:00.508Z"
+}