9

Currently, the only way to use VSCode get around a corporate firewall that requires company CA certificates is to set "http.proxyStrictSSL = false" in the config. This is a no-go for me at work. I know that VSCode uses the Chromium networking stack, so there is a way to modify the certificate store when building VSCode (as stated here: Getting Chrome to accept self-signed localhost certificate, for example)?

aspaltv
  • 115
  • 1
  • 7
  • You may be able to find more info here: https://stackoverflow.com/questions/36506539/how-do-i-get-visual-studio-code-to-trust-our-self-signed-proxy-certificate – Jan Schejbal Jul 27 '20 at 03:09

1 Answers1

4

According to https://code.visualstudio.com/docs/setup/network, the solution is to edit the system certificate store:

Since Chromium uses the OS's certificate trust infrastructure, the preferred option is to add your proxy's certificate to your OS's trust chain.

This means that your answer is OS-dependent:

  • Windows: Powershell Import-Certificate or the GUI equivalent
  • Mac: Via Keychain Access
  • NSS under linux - it is unclear which NSS database it uses. certutil is used to edit them.
Jan Schejbal
  • 4,000
  • 19
  • 40
  • Thanks for the response! I do remember seeing something like this about 2 years ago. Since I don't have to deal with a corporate firewall anymore it might require me to test it with mitmproxy or something like that. – aspaltv Jul 27 '20 at 03:18