When i click onto my Plugins (Kicad plugins), I get this error: "SSL Peer Certificate or SSH remote key was not ok"

External Plugins
1

when i click onto my Pluins (Kicad plugins), I get this error: “SSL Peer Certificate or SSH remote key was not ok”. Any idea why I am unable to activate plugin ? Thanks

2

How far do you get? I’ve promoted you so you can add screenshots.

image
image1029×612 137 KB

3

Hi, I do not get any far. Once I click on the “Plugin and Content Manager” icon shown in the picture. I get this error message (bottom picture). Thanks

image
image921×630 36.6 KB

image
image1443×799 48.9 KB

4

I’m guessing the same thing is happening on your network as described here, and I’m sure your network administrator can help.

P.S. Maybe an OS update can fix it.

Below is a transcript of the text compiled by Google’s AI.
Solutions:

  • Ensure CA Certificates are Up-to-Date and Trusted:

    • Verify that your system’s CA certificate store is up-to-date.

    • If the proxy is using its own generated certificates, ensure that the proxy’s root CA certificate is installed and trusted on the client machine.

  • Bypass the Proxy (if applicable):

    • If the issue is specifically with the proxy’s handling of SSL, try configuring your application or system to bypass the proxy for the specific target domain or IP address that is causing the error. This can be done using no_proxy environment variables or application-specific proxy settings.

  • Adjust Proxy Configuration:

    • If you manage the proxy, review its configuration to ensure it’s not inadvertently causing SSL certificate validation issues. This might involve adjusting SSL inspection settings or ensuring proper certificate chaining.

  • Verify Server Certificate:

    • Ensure that the SSL certificate on the target server is valid, not expired, and correctly configured. Even with a proxy, an invalid server certificate will still cause validation failures.

  • Disable SSL Verification (use with caution):

    • In some development or testing environments, you might temporarily disable SSL verification in your client application (e.g., git config --global http.sslverify "false" for Git). This is not recommended for production environments due to security risks.

  • Check System Time:

    • An incorrect system clock can lead to certificate validation failures, as certificates have validity periods. Ensure your system time is accurate.

Addressing this error in a proxy environment often requires collaboration between the client-side configuration and the proxy server’s settings to ensure a trusted and secure connection can be established.

5

In the case of a proxy, you may be able to avoid this in this way.

Maybe this will be resolved in the future once these issues are closed.

6

Adding to this: run the following command in your terminal to disable the SSL checks:

reg add "HKLM\Software\Policies\KiCad\KiCad\curl" /v SslRevoke /t REG_DWORD /d 2 /f
7
  1. Just go to this in your regular browser:
  1. Plugin zipDownload the plugin zip file
  2. Installing files downloaded from a browser using PCM

There may be a workaround like this

8

If make this setting change permanently, it will make system vulnerable, so be sure to get permission from network department administrator and remember to change the setting back after finished installing the plugin.

1 Like
9

Hi,

Thanks for your reply. Sorry for my reply back. I did exactly what you prescribed and the commands were successful. However, this did not change any thing.

10

What is your KiCad version and OS details?

I see your IP address is in California, so this is very odd. Are you using a VPN?