Custom NuGet feed with invalid certificate

3
votes

How do I disable SSL certificate check with nuget command?

PS C:\Softwares> .\nuget.exe list

Unable to load the service index for source https://asd.ca/api/feeds. An error occurred while sending the request. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.

Please note that I am not planning to upload new package, just wanted to restore my .net packages.

2
.netvisual-studionuget
@PerryQian-MSFT I could find a work around for that by opening fiddler and set SSL - SECURITY: "Ignore server certificate errors" , present in options dialog.codebased

2 Answers

3
votes

Custom NuGet feed with invalid certificate

I think this issue is related to your nuget Package source feed https://asd.ca/api/feeds or some settings which conflicts with it due to some reasons.

You can try these steps:

Suggestion

First, please make sure that you can access https://asd.ca/api/feeds and can get any request from it and troubleshoot the problem that are not feed addresses.

Second, open VS and make sure that the URL https://asd.ca/api/feeds is checked under Tools-->Options-->Nuget Package Manager--> Package Source and all the urls which are used to restore the nuget packages of your solution are checked.

1) clean the nuget cache or delete the packages folder under C:\Users\xxxx\.nuget

2) open registry editor and then Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client and change the value of this key DisabledByDefault to 1.

3) run powershell as administrator and then type these:

reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /f /reg:64
reg add HKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 /v SystemDefaultTlsVersions /t REG_DWORD /d 1 /f /reg:32

More info you can refer to this link.

Besides,also try this function in powershell:

nuget trusted-signers Add -Name xxxxxxx(package source name) -ServiceIndex https://asd.ca/api/feeds.

You can also refer to this link.

4) try to change to use another domain on internet Explorer in case the current domain is restricted by certain tools.

5) go to Settings( Global Settings of your PC ) --> Network and Internet --> Proxy --> Automatic Proxy Setup --> and set Automatically detect settings to off.

Hope it could help you.

1
votes

I had same problem and my solution is "Download and add certificate to Windows Certificate Manager"

  1. Download *.crt file in browser 2
  2. run MMC.EXE
  3. File, Add Snap-In: Certificates
  4. Import certificate in Local Computer -> Trusted root certificate authorities
  5. Reboot