"SELF_SIGNED_CERT_IN_CHAIN" error behind self-signed SSL network #250
Comments
|
The last line of this log shows the reason: Which means while the application is trying to access You need to check if your network is running normally. Or, in a easy way, |
|
Thanks for reporting. I'll follow up in the coming week. |
|
It looks like you are running Lepton behind a corporate network that interjects a self-signed SSL certificate. The GitHub auth server refuses to exchange the auth code with the access token when it sees "unknown" certificate is used.
This is an interesting issue, I'll do some research on this topic. Stay tuned. |
hackjutsu
changed the title
hackjutsu
changed the title
|
I have tried troubleshooting the following: npm install npm -g --ca=null Neither command had any effect on Leptop logging in. As far as certificates go, I have about 150 self signed certificates, all for specific domains, none of which are for github. I guess I am not familiar with the authentication process - why is Lepton not using the cert issued by Github and instead digging up one of my locally installed certs? |
|
To be honest, I don't know. I don't have the environment to reproduce the issue so that I can learn more about it. Lepton simply forwards the auth code to GitHub servers and exchange for the access token. It doesn't have specific logic to decide which cert to use. The https://github.com/hackjutsu/Lepton/blob/master/app/utilities/githubApi/index.js#L23 I would like to learn more about it if someone knows about this topic. |
|
Not working yet. Someone managed to bypass this? |
|
@marvinbelfort alias lepton='NODE_TLS_REJECT_UNAUTHORIZED=0 /Applications/Lepton.app/Contents/MacOS/Lepton'Then I can just run it in terminal as Ideally though, Lepton should allow turning of SSL verification or specifying self-signed certs in |
|
Any solution for windows? What about the recommendation from @mgrebenets? I really want to use the tool behind a company proxy. |
|
Windows comes with PowerShell built-in these days If I'm not mistaken. |
|
Had the same issue. Spent ages trying to find the error and solution for a windows machine in a company network. Thanks for pointing this direction. For windows my solution was: Starting from cmd by simply typing "lepton" made it work like a charm :-) |
|
The method from @mgrebenets of setting the NODE_TLS_REJECT_UNAUTHORIZED worked for a similar problem I was having doing npm install on an electron project. Doesn't this compromise security, however? You're basically allowing ANY Man-In-The-Middle with a self-signed, invalid cert to work. |
|
Any interest in adding an option in |
|
Launching the app with NODE_TLS_REJECT_UNAUTHORIZED=0 raises error: Failed: undefined, any chance of fixing this issue? |
It works also for me. |
The more we know about your system and use case, the more easily and likely we can help.
Environment info
OS: Win 10
App Version (
Command/Ctrl + ,):Who knows / Doesn't matter:
Who knows: Theres no way to tell from the application when its stuck not logging in
Doesn't matter: The behavior is the same between 1.5.0 and 1.5.1-alpha
Description of the problem / feature request / question:
No version of Lepton has never logged in to GitHub for me. I have deleted the C:\Users<username>\AppData\Roaming\Lepton\ folder multiple times - it has zero effect
If possible, provide a sample gist or screenshot:
If possible, provide the log files
~/Library/Application Support/Lepton/logsC:\Users\<username>\AppData\Roaming\Lepton\logs~/.cached/Lepton/logs2017-12-12T22.45.02.250Z.log
The text was updated successfully, but these errors were encountered: