Ondrej Valenta
Reputation: 513
Rebar3 cannot download packages behind proxy, CA certificate is missing/unknown
When trying to download packages to be compiled with rebar3 behind a proxy server, especially in corporate environment with custom CA certificate, there is an error:
TLS client: In state certify at ssl_handshake.erl:2015 generated CLIENT ALERT: Fatal - Unknown CA
The expectation is that you can download packages for compilation on your system, both with mix deps.compile or with rebar3.
Upvotes: 2
Views: 219
Answers (1)
Ondrej Valenta
Reputation: 513
According to this comment all you have to do is:
- to download root CA certificate, for example, for repo.hex.pm
- store it somewhere on your disk, for example, as /temp/BestCompanyCA.crt
- on Windows, create a file
.config/rebar3/rebar.configin your C:\Users\[your username] folder - on Linux, create a file
~/.config/rebar3/rebar.config - and put in it this code with proper path to your root CA certificate
{ssl_cacerts_path, ["/usr/local/share/ca-certificates/Foo-CA.crt"]}.
Notice the . and the end of the line, it's important.
After that, you should have no issues.
Upvotes: 2
Related Questions
- Cannot add dependency to rebar3 config
- Rebar3 is unable to download dependency on Windows 10
- Why cannot I run rebar3 commands in an application generated with rebar3?
- Rebar3 release does not run and crash with cannot expand $ERTS_LIB_DIR in bootfile
- How can I use httpotion behind the proxy?
- https urls in coherence emails when phoenix is behind a proxy
- Certificate unknown while making a request with hackney even when passing insecure option
- mix does not work behind proxy