Skip to content

Latest commit

 

History

History
54 lines (38 loc) · 1.89 KB

NU1302.md

File metadata and controls

54 lines (38 loc) · 1.89 KB
title description author ms.date ms.topic f1_keywords
NuGet Error NU1302
NU2302 Error code
Nigusu-Allehu
07/25/2024
reference
NU1302

NuGet Error NU1302

You are running the 'restore' operation with an 'HTTP' source: myHttpSource. NuGet requires HTTPS sources. To use an HTTP source, you must explicitly set 'allowInsecureConnections' to true in your NuGet.Config file. Please refer to https://aka.ms/nuget-https-everywhere for more information.

Issue

myHttpSource is an insecure HTTP source. We recommend using an HTTPS source instead.

Solution

Option 1: Update the Source to Use HTTPS

If possible, update the package source to use https:// instead of http://:

<configuration>
  <packageSources>
    <add key="SecureSource" value="https://example.com/nuget/" />
  </packageSources>
</configuration>

Option 2: Allow Insecure Connections (If Necessary)

If the source must remain HTTP, explicitly allow insecure connections by adding the AllowInsecureConnections flag in the NuGet.Config:

<configuration>
  <packageSources>
    <add key="InsecureSource" value="http://example.com/nuget/" allowInsecureConnections="true" />
  </packageSources>
</configuration>

Option 3: Consult SDK Analysis Level

The SdkAnalysisLevel property in your project can serve as a temporary workaround for managing HTTP sources. If additional time is needed to resolve the HTTP error, you can lower the SdkAnalysisLevel to suppress errors temporarily. Here's how it functions:

  • For SDK Analysis Level value below 9.0.100, using HTTP sources triggers a warning (NU1803).
  • Starting with SDK Analysis Level 9.0.100 or higher, HTTP sources result in an error (NU1302) unless AllowInsecureConnections is explicitly enabled.