search

microsoft / vscode

Visual Studio Code
https://code.visualstudio.com
MIT License
162.51k stars 28.65k forks source link

Unsigned cert error #188883

Closed kieferrm closed 1 year ago

kieferrm commented 1 year ago

Testing #188686

Following the steps I get the following output:

Note: Make sure to replace all sensitive information with dummy values before sharing this output.

VS Code 1.81.0-insider (fda972663af87b4d1dab87845e36c357738b44f9)
Network Proxy Test 0.0.8
darwin 21.6.0 arm64

Settings:
- http.proxy: 
- http.proxyAuthorization: null
- http.proxyStrictSSL: true
- http.proxySupport: override
- http.systemCertificates: true

Environment variables:

Sending HTTP2 GET request to https://localhost:3000...
Received error: self signed certificate (DEPTH_ZERO_SELF_SIGNED_CERT)
Retrying while ignoring certificate issues to collect information on the certificate chain.

Sending HTTP2 GET request to https://localhost:3000 (allowing unauthorized)...
Received response:
- Status: 200 OK
Certificate chain:
- Subject: kieferrm-host (kieferrm)
  Validity: Jul 26 01:29:02 2023 GMT - Jul 25 01:29:02 2024 GMT
  Fingerprint: 8B:EF:DC:EF:4B:81:2D:B2:DE:64:E4:C1:6F:70:A8:C4:C7:D7:67:B3
  Self-signed
Local root certificates:
- Subject: C=US ST=WA L=Seattle O=kieferrm CN=kieferrm-host emailAddress=kieferrm\+ca@gmail.com
  Validity: Jul 26 01:29:02 2023 GMT - Jul 25 01:29:02 2024 GMT
  Fingerprint: 8B:EF:DC:EF:4B:81:2D:B2:DE:64:E4:C1:6F:70:A8:C4:C7:D7:67:B3
  Issuer: C=US ST=WA L=Seattle O=kieferrm CN=kieferrm-host emailAddress=kieferrm\+ca@gmail.com

This is the system information:

Version:          Code - Insiders 1.81.0-insider (fda972663af87b4d1dab87845e36c357738b44f9, 2023-07-25T08:14:58.320Z)
OS Version:       Darwin arm64 21.6.0
CPUs:             Apple M1 (8 x 24)
node.js     v16.20.0
chrmarti commented 1 year ago

This seems to be an issue with the certificate (maybe the hostname or something else). I'll update the instructions to include the "subject" which will also skip all manual entries:

openssl req -x509 -newkey rsa:4096 -keyout server_localhost_key.pem -out server_localhost_crt.pem -days 365 -nodes -subj /CN=localhost

Using that then works for me on macOS.

kieferrm commented 1 year ago

I still see the same issue with a newly generated certificate:

Note: Make sure to replace all sensitive information with dummy values before sharing this output.

VS Code 1.81.0-insider (862fa13002d8018c328931ee1edccfd4ca76447d)
Network Proxy Test 0.0.8
darwin 21.6.0 arm64

Settings:
- http.proxy: 
- http.proxyAuthorization: null
- http.proxyStrictSSL: true
- http.proxySupport: override
- http.systemCertificates: true

Environment variables:

Sending HTTP2 GET request to https://localhost:3000...
Received error: self signed certificate (DEPTH_ZERO_SELF_SIGNED_CERT)
Retrying while ignoring certificate issues to collect information on the certificate chain.

Sending HTTP2 GET request to https://localhost:3000 (allowing unauthorized)...
Received response:
- Status: 200 OK
Certificate chain:
- Subject: localhost
  Validity: Jul 26 18:35:17 2023 GMT - Jul 25 18:35:17 2024 GMT
  Fingerprint: DB:2C:FB:F5:48:68:64:9A:46:DC:FD:58:B2:BB:87:65:72:29:A8:DF
  Self-signed
Local root certificates:
- Subject: CN=localhost
  Validity: Jul 26 18:35:17 2023 GMT - Jul 25 18:35:17 2024 GMT
  Fingerprint: DB:2C:FB:F5:48:68:64:9A:46:DC:FD:58:B2:BB:87:65:72:29:A8:DF
  Issuer: CN=localhost
chrmarti commented 1 year ago

Could you:

The certificate seems to be picked up correctly, but just to compare: I have added mine under Certificates and System:

image
kieferrm commented 1 year ago

Reloading the window after I installed the certs did the trick. It seems like we catch the validity of the certs in the EH.

chrmarti commented 1 year ago

Missed that when writing instructions. (Adding it now in case I copy them for future test plan items.) Thanks!