Login fails with above error message. Proxy settings are configured as described in the troubleshooting guide. However, the ZScaler proxy used by our company monitors SSL connections by breaking them up with an intermediate root certificate. I already created a new root CA pem file and tried hard to make Inkdrop use it, to no avail. I also tried setting
strict-ssl=false in the
ipm config which seems to fix the problem for the package manager but not for Inkdrop itself.
- Platform: Windows
- Platform version: 10
- App Version: latest
Do you mean you are using a self-signed certificate?
That’s not recommended though I guess you have no choice to use it - Following pages might be helpful:
I don’t get why
ipm works with
strict-ssl=true (which should be
true by default btw) because that config lets
ipm check if your certificate is valid.
NODE_EXTRA_CA_CERTS in your environment variables would solve the problem, according to this post:
I’m sorry, it should have been
strict-ssl=false. I tried the
NODE_EXTRA_CA_CERTS way already but it didn’t work. By the way, I have the exact same problem with Atom. Downloading packages via Atom fails with the abovementioned error message whereas
apm from the command line works fine as long as
strict-ssl is off.
Hmm, basically I can’t allow self-signed certificates with settings like
strict-ssl=false because the app has to ensure that our server is valid in order to prevent abuses.
It’s a ZScaler’s problem.
strict-ssl should be enabled. But that’s not the problem. The problem is that there seems to be no way to inject the ZScaler root certificate into the CA store. The ZScaler certificate is not ‘self-signed’, it is an intermediate certificate that must be trusted. Since I’m on the endpoint of the connection I should be allowed to modify the list of trusted certificates. When the root CA store is setup correctly it will work even with
Well, since it’s difficult to debug in my environment, it seems that you have to solve it by yourself.
Since the app (also Atom) is built with Electron, you can reproduce it on NodeJS.
NODE_EXTRA_CA_CERTS won’t work, I guess it should be your cert file problem.
Maybe this information about ca certs is helpful: