search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.25k stars 4.73k forks source link

X.509 Cert #109478

Open raselldev opened 2 hours ago

raselldev commented 2 hours ago

Description

I just install some nuget package with some warning,

info : X.509 certificate chain validation will use the fallback certificate bundle at '/usr/local/share/dotnet/sdk/8.0.403/trustedroots/codesignctl.pem'.
info : X.509 certificate chain validation will use the fallback certificate bundle at '/usr/local/share/dotnet/sdk/8.0.403/trustedroots/timestampctl.pem'.

i just run dotnet dev-certs https --trust and still get error like above

Trusting the HTTPS development certificate was requested. If the certificate is not already trusted we will run the following command:
'security add-trusted-cert -p basic -p ssl -k <<login-keychain>> <<certificate>>'
This command might prompt you for your password to install the certificate on the keychain. To undo these changes: 'security remove-trusted-cert <<certificate>>'

IDE: Jetbrains Rider (Mac M1) Terminal: iTerm2

Reproduction Steps

  1. running dotnet add package SomePackage
  2. Get warning

Expected behavior

Not showing error

Actual behavior

-

Regression?

No response

Known Workarounds

No response

Configuration

No response

Other information

No response

dotnet-policy-service[bot] commented 2 hours ago

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones See info in area-owners.md if you want to be subscribed.

vcsjones commented 32 minutes ago

My understanding is that these are not errors, they are just informational text that comes from NuGet.

/cc @dtivel