Untrusted Server Certificate Follow
PyCharm v2022.2.3 Professional Version
A number of us are getting an "Untrusted Server Certificate" warning for a wildcard CA cert when we first open PyCharm and have an active Project. The warning details are correct, and the certificate has expired, and we have a new one. However, I am not sure what service in PyCharm may be trying to use it and therefore how to update it. The warning does not appear for all Projects just some.
There are also no registered server certificates within PyCharm. There are several of us in the company who use the commercial version of PyCharm and all have received the same warning. This led me to believe it may be our GIT server (BitBucket) but SSL is actually not active in our case.
I have followed the other posts on this forum but unlike the others. This warning is for one of our own certs and the other post suggested turning on some extra debugging. But that did not seem to produce any noticeable results in the log.
I have scoured the IDE settings and can't find anything specific.
My real question is how can I determine what element of PyCharm maybe trying to access this cert?
Alternatively, it is a Plugin but again I am not sure how to determine if that is the case and which one without deactivating all and seeing what happens.
The only thing I found in the log was mention of a Common Proxy that was using https to our BitBucket Server. But I cannot find where this is setup in PyCharm as the GIT remote definitely uses http: in the URL and SSL is not active on the BitBucket server anyway. So, I am not sure if this related or not.
#c.i.u.p.CommonProxy - CommonProxy.select called for https://svrap01.xxxx.local:7990
2022-11-04 10:10:45,395 [ 3696] FINE - #c.i.u.p.CommonProxy - CommonProxy.select returns custom proxy for https://svrap01.xxxx.local:7990, [DIRECT]
(server details changed for security)
Also, I am aware we can Accept/Reject or set the ignore option. But the first two don't seem to 'stick' as the waring reappears and I would rather refresh the certificate anyway.
I have been able to determine that the trigger is the bundled GitHub PlugIn. By disabling this the popup does not appear. We use a local GIT server rather than GitHub. But I would like to understand what certificate store this plugin is using as I am at a loss as to where this certificate is.
thanks in advance and appreciate any insight anyone can offer.
Please sign in to leave a comment.
There are similar request on YouTrack: https://youtrack.jetbrains.com/issue/IDEA-275438/PyCharm-constantly-asks-to-add-a-certificate-which-is-unknown-to-me, https://youtrack.jetbrains.com/issue/IDEA-249404/SSL-certificate-expired-on-my-router-getting-SSL-error-in-Rider-on-starting. Please follow them for updates.
Thanks for this. I found the same thing. Disabling the GitHub Plugin stopped the alerts. But even after following the references posts I am not sure where this certificate is being stored and how to refresh it so I can reenable the plugin should we need it.