Skip to content

[VS Code] [Windows]: Extension doesn't trust certificate even when present in OS keychain

Happens on the latest VS Code and Extension version (6.14.1)

Problem

When the GitLab instance uses self-signed certificate and the certificate authority is present in the OS keychain on Windows, the extension still reports that it's unable to verify the certificate.

Workaround

This workaround is tested to work if your browser already trusts the certificate (and the browser opens your GitLab instance without issues).

  1. Download the certificate chain of your self-hosted gitlab installation. It can be done with your browser:

    Screenshot 2025-05-22 at 11.23.23.png

    Screenshot 2025-05-22 at 11.23.35.png

    Screenshot 2025-05-22 at 11.23.59.png

    Screenshot 2025-05-22 at 11.27.28.png

  2. To verify the whole chain was downloaded, you can check the file contents. It should contain several -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

  3. In vscode, open settings json file ctr+shift+p -> open user settings (JSON) and add the following line:

"gitlab.ca":"C:\\path-to-certificate\\certificate-chain.pem"

Note that you have to escape \ in windows paths (see the example above)

  1. Try to authenticate with your gitlab instance.

The workaround is originally taken from #1945 (comment 2519789240)

Edited by Tomas Vik (OOO back on 2026-01-05)