Problem
Our corporate firewall does SSL inspection and uses an intercept certificate that is installed on all machines. In most cases, certificate errors can be resolved by adding the correct config value to the program's .rc file (i.e. ~/.npmrc, ~/.condarc, etc). That doesn't seem to work with appcenter-cli, though, or at least I haven't found the correct way to do it. So when I try to login, I see:
Error: unable to get local issuer certificate
From browsing other issues, it doesn't seem like appcenter-cli currently works behind corporate proxies/firewalls. Is that still the case?
Functional Workaround
There's probably a better way to do this, but this brute force method worked for me. What you need to do is add your cafile to the request.js library that appcenter-cli is using. I'm on a Mac, so....
$ vi /usr/local/lib/node_modules/appcenter-cli/node_modules/request/request.js
Add fs include to the top:
var fs = require('fs')
Then, add the following line to the top of the Request (options) function:
options.ca = fs.readFileSync('/path/to/your/cert.pem')
After doing that, I can at least login.
@wtollett-usgs - Thanks for documenting this workaround! Unfortunately the App Center CLI doesn't officially support making requests behind a corporate firewall, but hopefully this can help unblock some people that need this. I'll leave this issue open so that other people can find this in the future.
Since Node 7.3.0, additional certs can be made available to the node process by using NODE_EXTRA_CA_CERTS environment variable with path to the cert file. Setting this environment variable `export NODE_EXTRA_CA_CERTS="/path/to/certs/cert.pem" should work.
Most helpful comment
Since Node 7.3.0, additional certs can be made available to the node process by using NODE_EXTRA_CA_CERTS environment variable with path to the cert file. Setting this environment variable `export NODE_EXTRA_CA_CERTS="/path/to/certs/cert.pem" should work.