GitHub Copilot in VS-Code — Fixing the “self-signed certificate” error

Summary

The website content provides a solution for fixing the "self-signed certificate" error encountered when using GitHub Copilot in Visual Studio Code, particularly within corporate networks that employ a 'Man-in-the-middle' appliance for SSL traffic inspection.

Abstract

The article addresses a common issue faced by users trying to access GitHub Copilot BETA mode, where a "self-signed certificate" error prevents successful connection to the server. This problem is especially prevalent in corporate environments where SSL traffic is monitored for security purposes, leading to the replacement of legitimate certificates with those signed by the company's private Certificate Authority (CA). The author shares their experience with the error and credits a detailed explanation found on StackOverflow, which elucidates the cause of the error as a result of the corporate network's security measures. The article also highlights the community's response to the issue by presenting two VS-Code extensions designed to resolve the connectivity problem: one for Windows users (win-ca extension) and one for MacOS users (Mac CA VSCode extension). Installation of the appropriate extension is recommended to bypass the error and successfully run GitHub Copilot.

Opinions

The author appreciates the detailed explanation provided by another developer regarding the root cause of the "self-signed certificate" error.
There is an acknowledgment of the inconvenience caused by such errors and the time wasted troubleshooting without proper guidance.
The author expresses gratitude towards the open-source community for developing practical solutions, such as the VS-Code extensions, to overcome the issue.
The article implies that open-source contributions, like the extensions mentioned, are highly valuable and exemplify the benefits of collaborative problem-solving in the tech community.

GitHub Copilot in VS-Code — Fixing the “self-signed certificate” error

GitHub Copilot Logo

Some time ago I got access to the GitHub Copilot BETA mode but I missed out on the opportunity to testing it because I was having a problem with a “self signed certificate” and all I could find on the internet was “You must be behind a firewall”. So I wanted to write this brief post for people that find the same problem and don’t want to waste a couple of hours of their lives troubleshooting.

This year our company finally got licenses and I was part of the group of few people that had the same error, more specifically this:

[ERROR] [default] [2023–03–21T15:19:15.057Z] GitHub Copilot could not connect to server. Extension activation failed: “self signed certificate in certificate chain”

Thankfully some great developer provided a really detailed explanation of what the issue was:

Most corporate networks have a ‘Man-in-the-middle’ appliance that dynamically breaks open all secure SSL traffic leaving home to enter the internet. This ensures they can inspected any traffic leaving, including your online banking. Usually automation scrubs the traffic looking for theft of company secrets or IP and raises alerts.

It all gets logged and reviewed further if need be. This action leaves behind a fake cert chain as a fingerprint. The cert for the called site is replaced with a fake, and one signed by the company’s own private CA authority. Hence the self-signed cert in the cert chain error.

You can read the full explanation in StackOverflow.com

Even better, somebody created a VS-Code extension to overcome this problem and there are two versions:

Just installed the extension you need depending on your operating system, and then run Copilot again, it should work this time.

Open source is great isn’t it?