Instll phx_new 1.5.1 and possible ssl issue

Hi sorry for probably silly question but Iā€™m very new here :slight_smile: mix archive.install hex phx_new 1.5.1
return ssl issue I think :confused: there is some way to add this certificatie? or how to solve it?

mix archive.install hex phx_new 1.5.1

11:48:08.950 [info] TLS :client: In state :certify at ssl_handshake.erl:1781 generated CLIENT ALERT: Fatal - Unknown CA

11:48:08.950 [info] TLS :client: In state :certify at ssl_handshake.erl:1781 generated CLIENT ALERT: Fatal - Unknown CA

Failed to check for new Hex version

Failed to fetch record for 'hexpm/phx_new' from registry (using cache instead)

{:failed_connect, [{:to_address, {'repo.hex.pm', 443}}, {:inet, [:inet], {:tls_alert, {:unknown_ca, 'TLS client: In state certify at ssl_handshake.erl:1781 generated CLIENT ALERT: Fatal - Unknown CA\n'}}}]}

{:failed_connect, [{:to_address, {'repo.hex.pm', 443}}, {:inet, [:inet], {:tls_alert, {:unknown_ca, 'TLS client: In state certify at ssl_handshake.erl:1781 generated CLIENT ALERT: Fatal - Unknown CA\n'}}}]}

** (Mix) No package with name phx_new (from: mix.exs) in registry
1. mix hex --version
  Hex v0.20.5
2. osx
  Catalina 10.15.4
3. mix
mix --version
Erlang/OTP 22 [erts-10.7.1] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] [hipe] [dtrace]
Mix 1.10.3 (compiled with Erlang/OTP 22)

I think for now the only option is to skip the ssl cert check by

mix hex.config unsafe_https true

1 Like

Are you behind a proxy or firewall?

From Hex Config Docs :

  • cacerts_path - Path to the CA certificate store PEM file. If not set, a CA bundle that ships with Hex is used. Can be overriden by setting the environment variable HEX_CACERTS_PATH . (Default: nil )

So if you are behind a Proxy or Firewall and you need to add a custom certificate you need to specify the path to it in an env var or in the mix config.

Yes I think this env is behind proxy, and yes I think I forgot to add proxy config to hex. Thanks much! :slight_smile:

An important detail :wink:

1 Like