self signed certificate in certificate chain on github copilot
I installed the GitHub copilot but the extension do not work, always show the following error :
GitHub Copilot could not connect to server. Extension activation failed: "self signed certificate in certificate chain"
Source: GitHub Copilot (Extension) Show Output log
What could I do to solve this ?
Copilot error: “GitHub Copilot could not connect to server. Extension activation failed: self-signed certificate in certificate chain” is generally caused using CoPilot behind a Corporate network.
Most corporate networks have a ‘Man-in-the-middle’ appliance that dynamically breaks open all secure SSL traffic leaving home to enter the internet. This ensures they can inspected any traffic leaving, including your online banking. Usually automation scrubs the traffic looking for theft of company secrets or IP and raises alerts. It all gets logged and reviewed further if need be.
This action leaves behind a fake cert chain as a fingerprint. The cert for the called site is replaced with a fake, and one signed by the company’s own private CA authority. Hence the self-signed cert in the cert chain error.
From any company device (Phones\Laptop) the company CA is already installed as a trusted CA. So the local browsers and other desktop apps trust this faked cert chain - and so do not raise any concerns someone is snooping your secure network traffic (the company does own the network and the device).
By default VSCode is not trusting the installed desktop certs, and so it noticed that the GitHub cert is no longer signed by a trusted public CA authority.
As Rypox states above, the VSCode extension ‘Win-CA’ (must be set to ‘append’ mode) solves this issue. It tells VSCode to also trust the CA’s installed on the employees desktop. This makes VSCode happy again trusting the fake cert chain. No 'whitelisting' needed and not 'VPN' related. But certinly not that obvious either. An interesting CA trust issue.
Confirming this does exist is easy from your browser. Go to any outside site (like Amazon) and review the sites “Cert” to see who the CA’s are (Certification Path). It should ‘not’ contain any reference to your company. Look at that same cert from outside the company network on your own personal laptop.
… “bit of a glitch in the Matrix”, installing Win-CA helps hides it again and all looks back to normal.
- How do I center an image in the README.md file on GitHub?
- Server SSH Fingerprint Failed to Verify
- How to resolve "git pull,fatal: unable to access 'https://github.com...\': Empty reply from server"
- SSH Key - Still asking for password and passphrase
- VSCode is stuck pushing content to my GitHub repo
- XAMPP won't update web source files until they're committed to Git on Chrome
- Git pushes old commit in different branch to new branch
- Github Profile Setting
- How to display Table in README.md file in Github?
- Decorating the pull request in GitHub with SonarQube (Community Edition)
- Not authorized. Please check the user token in the property 'sonar.token' or the credential
- Problem with git log command when using git
- Hosting executable on github
- There is a way to batch archive GitHub repositories based off of a search?
- git clone with HTTPS or SSH remote?
- Git push results in "Authentication Failed"
- "Invalid authentication data. Connection reset" When trying to log in to github within IntelliJ
- Getting a history of which commits were force pushed
- Git 404 There isn't a GitHub Pages site here
- How to enforce E2E tests before github release action
- SourceTree keeps asking for Github password
- Publicly share part of a private repo on Github
- How should I set the version number between releases?
- How do I specify a container image in GitHub actions using a secret?
- Revoking a Github app's authorization 404 not found error
- Git: Remove committed file after push
- Environment variables in github actions
- GitHub: How do I remove myself as a contributor of another person's repositories
- How to update pywin32 automatically?
- Migrate from on premise TFS 2018 to GitHub