IT Security and safety world
Sometimes in big companies the goal of the IT Security department is to make environment more safe. Due to this security lockdown, a lot of modern development tools stop working. The most common error is caused by self signed certificate in certificate chain problems. So how can we make them work properly? I’ve attached a few suggestions bellow
Remark: if you find something not working just let me know in the comments. Or send me an email or tweet. If you have an alternative solution, send it to me please. I will be more than happy to add it.
Git
Git SSL Problem
For error: fatal: unable to access 'https://github.com/garris/BackstopJS.git/': SSL certificate problem: self signed certificate in certificate chain
Or SSL certificate problem: unable to get local issuer certificate
Just run: git config http.sslVerify false
Git SSH Problem
When you have: ssh: connect to host ssh.github.com port 443: Bad file number
Open .gitconfig
file and in the end put:
1
2
[url "https://github.com/"]
insteadOf = git://github.com/
npm
The error shows only when you add --verbose
flag and it is something like: will retry, error on last attempt: Error: self signed certificate in certificate chain
The solution is to change the registry to use HTTP with following command: npm config set registry http://registry.npmjs.org/
Bower
If you have problems with git repo use above Git solution.
If the error is:Download of https://github.com/something/archive/0.7.0.tar.gz failed with SELF_SIGNED_CERT_IN_CHAIN, trying with git
create .bowerrc
file with following content:
1
2
3
{
"strict-ssl": false
}
VSCode - Visual Studio Code
If you get the following error in VS Code ETIMEDOUT 191.238.172.191:443
, there can be 2 possible solutions:
- If you have NTLM proxy, you need to install for example cntlm (http://cntlm.sourceforge.net/), then setup a global
HTTP_PROXY
environment variable or change user settings (File->Preferences-> User Settings). See below file for example. - If your company replaces the SSL certificate in User Settings, place following:
1 2 3 4 5
// Place your settings in this file to overwrite the default settings { "http.proxyStrictSSL": false, "http.proxy": "http://127.0.0.1:3128" //your CNTLM }
Vagrant - new box
There are following possibilities to add box behind the proxy:
- Download it by hand using browser and add it manually
- Putting an option in local or global
vagrantfile
(credit goes to Kevin P. Kucharczyk - more in comments):config.vm.box_download_insecure = true
- Using feature switch in command (credit goes to Kirtis Mcglynn - more in comments):
vagrant box add {your/box} --insecure
Vagrant - plugins
If you try to install a plugin with a command like this: vagrant plugin install vagrant-openstack-plugin
you may get this error: Could not verify the SSL certificate for
The solution to this is to use this alternative command: vagrant plugin install vagrant-openstack-plugin --plugin-source http://rubygems.org/
Ruby gems
Just add the new source with the following command: gem sources -a http://rubygems.org/