Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proxy error: unable to get local issuer certificate #1862

Closed
joaomoreno opened this issue Jan 8, 2016 · 7 comments
Closed

Proxy error: unable to get local issuer certificate #1862

joaomoreno opened this issue Jan 8, 2016 · 7 comments
Assignees
Milestone

Comments

@joaomoreno
Copy link
Member

@joaomoreno joaomoreno commented Jan 8, 2016

From @dogfish182

2016-01-07_18-35-46

unable to get local issuer certificate
@joaomoreno

This comment has been minimized.

Copy link
Member Author

@joaomoreno joaomoreno commented Jan 8, 2016

Related to nodejs/node#3742

@dogfish182

This comment has been minimized.

Copy link

@dogfish182 dogfish182 commented Jan 8, 2016

I'm not sure how to address this for myself as I have a standard install of win10 without any node stuff that i knowingly installed... also the issue presents on a fresh windows 7 corporate image that we don't use for development, so a basic install of win 7 for us (and 10 and 8.1) will all exhibit the same issue.

@colhountech

This comment has been minimized.

Copy link

@colhountech colhountech commented Apr 25, 2016

This worked for me:
start a command prompt and navigate to working folder.

set NODE_TLS_REJECT_UNAUTHORIZED=0
code .

from http://stackoverflow.com/questions/33820733/error-unable-to-verify-the-first-certificate-how-to-trust-all-certificates

@joaomoreno

This comment has been minimized.

Copy link
Member Author

@joaomoreno joaomoreno commented Apr 25, 2016

@colhountech Does it work if you set "http.proxyStrictSSL": false in your settings?

@joaomoreno joaomoreno added the proxy label Jul 6, 2016
@wgknowles

This comment has been minimized.

Copy link

@wgknowles wgknowles commented Sep 9, 2016

// Whether the proxy server certificate should be verified against the list of supplied CAs.
This leads me to think there should be a way to add a CA to the "list of supplied CAs". Ideally, there should be a setting like http.useMachineCAStore that taps into the trusted root CA list of the system (same one used by IE)

Doesn't setting "http.proxyStrictSSL": false result in all CA's and self-signed certs being trusted? Seems like we are asking for a MITM hack.

@psmoot

This comment has been minimized.

Copy link

@psmoot psmoot commented Sep 12, 2016

I'm having the same issue on Ubuntu 16 behind a firewall. Setting NODE_TLS_REJECT_UNAUTHORIZED worked but setting http.proxyStrictSSL did not.

I'm happy to try new builds if that will help resolving the issue, just let me know.

@joaomoreno

This comment has been minimized.

Copy link
Member Author

@joaomoreno joaomoreno commented Sep 13, 2016

@psmoot #11702 Fix is out in 1.5.2.

@wgknowles Unfortunately we didn't dedicate time to look into the CA list yet.

Closing this as it seems a duplicate of #11702.

@joaomoreno joaomoreno closed this Sep 13, 2016
@vscodebot vscodebot bot locked and limited conversation to collaborators Nov 18, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
5 participants
You can’t perform that action at this time.