Add support for enterprise SSL interception certificates #2902
Comments
|
Should this issue be brought to the AWS SDK for Node repo? All requests to the AWS are made through the SDK library AFAIK |
|
that's a good point, happy for somebody from aws move it over. |
|
I'm not sure that's possible. You can just open another issue there and reference this one as your use-case. |
|
TIL! Thanks |
|
Hey @mungojam, It doesn't seem to be a an issue with the JavaScript SDK. If you still feel it is an issue with the JS-SDK then It'd be great if you can follow the issue template so that we can have more information about the issue. |
|
I probably won't get a chance to follow up on this as we've now moved to terraform rather than CDK. Happy to close unless others can follow up with reproductions |
|
Thank-you for the update, I will go ahead and close the issue, if anyone has further questions, please re-open or create a new issue. |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread. |
Our company uses SSL interception with their own certificate which is trusted by windows.
When using aws-cdk, this leads to the inevitable error as node doesn't natively use windows cert store:
With our own node tools, we have circumvented this by using either syswide-cas or win-ca. VS Code recently integrated a win-ca fork as well so that no longer has the problem. This hasn't been possible with cdk as I don't seem able to inject the
win-caimport early enough I think.Please consider adding an integrated solution/option so that we can use CDK internally without having to mess with global environment variables.
I've worked around it for now setting the
NODE_EXTRA_CA_CERTSenvironment variable to a snapshot of the certs extracted withwin-cabut that's not a sustainable approach and would be messy to set up for other devs.The text was updated successfully, but these errors were encountered: