Enterprise Root CA Support

[siada]

I work in an environment where all HTTP/S traffic is routed via a corporate packet inspector which requires them to install a root CA on my machine

The effect of this is any steps of the lando startup process that require an https connection will failure because of an untrusted certificate, specifically in my instance this prevents composer from working during the lando/laravel setup

I think it would be beneficial if we could specify additional root ca certs to be passed into each container

In my case, this results in the following:

PHP Warning:  copy(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in Command line code on line 1

Warning: copy(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in Command line code on line 1
PHP Warning:  copy(): Failed to enable crypto in Command line code on line 1

Warning: copy(): Failed to enable crypto in Command line code on line 1
PHP Warning:  copy(https://getcomposer.org/installer): failed to open stream: operation failed in Command line code on line 1

Warning: copy(https://getcomposer.org/installer): failed to open stream: operation failed in Command line code on line 1
Could not open input file: /tmp/composer-setup.php

[videohead]

I'm trying to resolve the same problem, in my case using Zscaler and I have the cert file which is ZscalerRootCertificate-2048-SHA256.crt but I cannot discover where to configure this to be imported into the container.

[keithdoyle9]

Having the same issue here. Tried the solution at https://docs.lando.dev/guides/lando-corporate-network-tips.html and it didn't work. The certificates are fine on the host machine and I can run curl commands no problem there. But not in the Lando containers.