Problem

Recently whilst trying to enable GitHub CoPilot within VSCode in a corporate enterprise environment, I encountered the following warning when trying to authenticate with GitHub:

[certificates] failed to read root certificates

Often in a corporate enterprise IT environment, IT will install a self-signed root certificate, which all devices must trust before they can access the internet via a central proxy server. This was indeed the case in my situation. However, the above error message indicated that VS Code didn’t recognise or trust this self-signed certificate, preventing it from properly authenticating with GitHub.

VSCode GitHub CoPilot Logs
VSCode GitHub CoPilot Logs

Solution

The solution involves installing a VS Code extension called ‘win-ca’ to trust the installed self-signed certificates in Windows. The process is as follows:

  1. Install the win-ca VS Code extension – https://marketplace.visualstudio.com/items?itemName=ukoloff.win-ca&ssr=false#overview
  2. Once installed, configure the extension as follows
    • Navigate to FILE > PREFERENCES > SETTINGS
    • Search for setting @ext:ukoloff.win-ca – this is win-ca extension settings
    • Change the ‘Inject’ setting to append mode
  3. Restart VS Code

This should resolve the certificate issue and allow VS Code to trust the self-signed certificate used by your corporate proxy server. Following this, the original error I encountered no longer occurred, as I was able to successfully authenticate with GitHub, and use GitHub CoPilot without issue.

win-ca VSCode Extension Screenshot

Final Thoughts

Well, I hope this solution has worked for you configure trusted self-signed certificates in VS Code.

If you come across any other solutions, feel free to post it in the comments below to help others out there.

Happy coding! 🙂

Shane Bartholomeusz