Is it possible to add support for trusting self-signed certificates to the Unity Hub when performing HTTP(S) communication? I know the Unity Package Manager offers support for that but I don’t see an option for the Unity Hub to do similarly.
My company funnels all HTTP(S) traffic through a proxy and manipulates the SSL certificates used in the communication.
With most applications using Node.js (which I believe this is an Electron app) I can use the environmental variable NODE_EXTRA_CA_CERTS and provide a path to a PEM file containing additional root CAs to trust.
However, with Unity Hub v3.4.1, this does not seem to work.
Currently my only option as a workaround is to set the value of NODE_TLS_REJECT_UNAUTHORIZED to 0. This isn’t an ideal solution since it instructs Node.js to not perform certificate validation and my cybersecurity department frowns upon me from recommending this as a solution.
Following as we are dealing with the same and using the same work around. I can go back to Unity Hub 3.3.0 and it works without any of the NODE TLS environment variables.
3.4.1 had a lot of changes in it so it is hard to say what might have caused this to break. In 3.3.0 we added a more robust support for using the Hub behind a proxy with self-signed certificates.
Could I get you to follow this guide and let me know if it works for you ?
Apologies from the hub team for the inconvenience.
Unfortunately, it doesn’t work for Windows. I have the certificate authorities imported into Certificates (Local Computer)\Trusted Root Ceritfication Authorities\Certificates and starting Unity Hub 3.12.1 still produces “SELF_SIGNED_CERT_IN_CHAIN” errors.
I have also tried NODE_EXTRA_CA_CERTS=C:\ProgramData\Unity\config\cert.pem (the same file used by UPM as configured in upmconfig.toml) and that doesn’t work either
The only thing it respects is NODE_TLS_REJECT_UNAUTHORIZED=0