SSL error when checking for updates. No action option to connect anyway.

[Liquidmantis]

When checking for updates while behind a corporate proxy, an SSL error is given and the user is asked if they want to connect anyway, but there is no option to do so. Disabling strict SSL doesn't help either.

• VSCode Version: 1.14.0-insider
• OS Version: MacOS 10.12.5

Steps to Reproduce:

1. Check for VS Code Update

[joaomoreno]

Interesting, never saw this.

[angelo-hub]

Bump, I'm also getting this when checking for updates

[joaomoreno]

https://code.visualstudio.com/docs/setup/network#_ssl-certificates

Does the update work if you launch Code with --ignore-certificate-errors?

[angelo-hub]

Hey @joaomoreno I tried that, and it didn't work, I'm also behind a corporate proxy though, however when I bypass the proxy to do the update, it still doesn't work.

[joaomoreno]

it still doesn't work

But you still get the same SSL error?

[rdamron]

Also having this issue.

The problem is very likely due to corporate firewall proxy. Our proxy will mitm tls traffic to do deep packet inspection.

The problem is that the root cert used to sign the the certs presented isn't part of the bundled chrome binary in electron and electron doesn't pick up certs from the host environment.

I've gotten around this in my own electron apps by manually adding the cert to https.globalAgent. Perhaps there could be a config option to add certs?

function addRootCA() {
  const trustedCa = ["rootca.crt"];

  https.globalAgent.options.ca = [];
  for (const ca of trustedCa) {
    capath = path.join(__dirname, ca);
    https.globalAgent.options.ca.push(fs.readFileSync(capath));
  }
}

[joaomoreno]

To keep the number of issues in our inbox on a manageable level, we're closing issues that have been on the backlog for a long time but haven't gained traction: We look at the number of votes the issue has received and the number of duplicates issues filed.

Thanks for your understanding. Happy coding!