edrlab / thorium-reader

A cross platform desktop reading app, based on the Readium Desktop toolkit
https://www.edrlab.org/software/thorium-reader/
BSD 3-Clause "New" or "Revised" License

Thorium behind a corporate transparent MITM proxy (self-signed certificates, CA chain) #2049

Open NachoParra opened 6 months ago

NachoParra commented 6 months ago

Hi,

Yesterday I started to play around with Thorium so I can play licensed audiobooks from my public library, and it looks great as a default ebook reader app for the laptop.

I have a Calibre library on my NAS, which is served over HTTPS with COPS and Calibre-web.

I tried to add these two as catalogs, as well as the Gutenberg OPDS feed, and I always get the same error: [image]

I suspect that the problem lies with my corporate transparent MITM proxy. On my corporate laptops we have a MITM proxy that signs all HTTPS connections with its own corporate certificate. As the corporate certificate has been added on W11 and Firefox, there is no problem there, but not inside Thorium and its Chromium browser, so whenever I try to connect to any OPDS library, I get the error.

Is there any way to add root certificates to Thorium? If not, can we somehow tell Chromium not to validate any, or a list of, HTTPS certificates?

Thanks!

danielweck commented 6 months ago

Duplicate: https://github.com/edrlab/thorium-reader/issues/1904 (moving your feedback there, thank you very much!)

danielweck commented 4 weeks ago

Hello, I am reopening this issue as I think that the newly-introduced PROXY support in Thorium3 will not solve issues related to broken certificate chains. This needs further testing.

Note that we will likely upgrade to Electron 31 in a few weeks / months, which will introduce support for NODE_EXTRA_CA_CERTS: https://github.com/electron/electron/releases/tag/v31.0.0 (this will probably ship in Thorium3.1, but not immediately in Thorium3.0 as this version of Electron has not been tested enough in the wild yet)

NachoParra commented 4 weeks ago

Great news!! I can set up a dev environment and test against my corporate configuration anytime.