dosubot[bot] commented on issue #8703: URL: https://github.com/apache/incubator-devlake/issues/8703#issuecomment-3869309486
<!-- Greeting --> Hi @KunalKatariya! I'm [Dosu](https://go.dosu.dev/dosubot) and I’m helping the incubator-devlake team. <!-- Answer --> This error is not caused by your GitHub PAT or organization restrictions. The key issue is that the environment where DevLake is running does not trust GitHub's SSL certificate, resulting in the "x509: certificate signed by unknown authority" error. This usually happens if the OS or container running DevLake is missing up-to-date CA certificates, or if a proxy/firewall is intercepting SSL traffic with its own certificate that isn't trusted by default. To fix this: 1. Make sure your container or host has up-to-date CA certificates (for example, update or install the `ca-certificates` package). 2. From inside the container or host, run `curl https://api.github.com` to check if you get the same certificate error. 3. If your network uses a proxy or SSL inspection, add the proxy's CA certificate to the trust store. 4. Only as a last resort, you can set the environment variable `IN_SECURE_SKIP_VERIFY=true` to bypass certificate checks, but this is insecure and not recommended for production use. There are no known bugs in DevLake that would cause this—it's an environment or network trust issue. More details and troubleshooting steps are available in this discussion: [see here](https://github.com/apache/incubator-devlake/issues/8702). <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/60e151ac-3871-4583-b19b-d7a7e22c0c62?feedback_type=other)</sup> [](https://app.dosu.dev/b4e8e847-d479-4541-83a8-d88d83fea5c9/ask?utm_source=github) [](https://cursor.com/link/prompt?text=This%20error%20is%20not%20caused%20by%20your%20GitHub%20PAT%20or%20organization%20restrictions.%20The%20key%20issue%20is%20that%20the%20environment%20where%20DevLake%20is%20running%20does%20not%20trust%20GitHub%27s%20SSL%20certificate%2C%20resulting%20in%20the%20%22x509%3A%20certificate%20signed%20by%20unknown%20authority%22%20error.%20This%20usually%20happens%20if%20the%20OS%20or%20container%20running%20DevLake%20is%20missing%20up-to-date%20CA%20certificates%2C%20or%20if%20a%20proxy/firewall%20is%20intercepting%20SSL%20traffic%20with%20its%20own%20certificate%20that%20isn%27t%20trusted%20by%20default.%0A%0ATo%20fix%20this%3A%0A1.%20Make%20sure%20your%20container%20or%20host%20has%20up-to-date%20CA%20certificates%20%28for%20example%2C%20update%20or %20install%20the%20%60ca-certificates%60%20package%29.%0A2.%20From%20inside%20the%20container%20or%20host%2C%20run%20%60curl%20https%3A//api.github.com%60%20to%20check%20if%20you%20get%20the%20same%20certificate%20error.%0A3.%20If%20your%20network%20uses%20a%20proxy%20or%20SSL%20inspection%2C%20add%20the%20proxy%27s%20CA%20certificate%20to%20the%20trust%20store.%0A4.%20Only%20as%20a%20last%20resort%2C%20you%20can%20set%20the%20environment%20variable%20%60IN_SECURE_SKIP_VERIFY%3Dtrue%60%20to%20bypass%20certificate%20checks%2C%20but%20this%20is%20insecure%20and%20not%20recommended%20for%20production%20use.%0A%0AThere%20are%20no%20known%20bugs%20in%20DevLake%20that%20would%20cause%20this%E2%80%94it%27s%20an%20environment%20or%20network%20trust%20issue.%20More%20details%20and%20troubleshooting%20steps%20are%20available%20in%20this%20discussion%3A%20%5Bsee%20here%5D%28https%3A//github.com/apache/incubator-devlake/issues/8702%29.) [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/incubator-devlake/issues/8703) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
