And then when I tried to install phx.new I got the following error:
mix archive.install hex phx_new
10:06:07.413 [notice] TLS :client: In state :certify at ssl_handshake.erl:2098 generated CLIENT ALERT: Fatal - Unknown CA
Failed to fetch record for 'hexpm/phx_new' from registry (using cache instead)
{:failed_connect, [{:to_address, {'repo.hex.pm', 443}}, {:inet, [:inet], {:tls_alert, {:unknown_ca, 'TLS client: In state certify at ssl_handshake.erl:2098 generated CLIENT ALERT: Fatal - Unknown CA\n'}}}]}
** (Mix) No package with name phx_new (from: mix.exs) in registry
I tried to disconnect to the VPN and same error happened. Does someone knows how to fix this?
The most likely explanation is that your employer is using some sort of intercepting proxy. In order to intercept TLS traffic it presents a substitute server certificate for the domain you’re trying to connect to, repo.hex.pm in this case, issued by a private CA that the laptop is configured to accept.
If the interception is enabled by setting HTTP_PROXY or HTTPS_PROXY in your shell (check by running set | grep PROXY) then you may be able to disable it for Hex by clearing these env vars.
If you feel the interception is legit, and you know where this trust store with this private CA certificate lives, you can tell Hex to use that trust store instead of its default.
If all else fails, and only if you use Hex only for fetching public packages (in other words, you don’t use any authenticated APIs) you can disable certificate verification by Hex altogether.
To learn how to change these settings, using environment variables or permanently using mix hex.config KEY VALUE, run mix help hex.config, and look for these:
• unsafe_https - If set to true Hex will not verify HTTPS certificates.
Can be overridden by setting the environment variable HEX_UNSAFE_HTTPS
(Default: false)
[..]
• cacerts_path - Path to the CA certificate store PEM file. If not set, a
CA bundle that ships with Hex is used. Can be overridden by setting the
environment variable HEX_CACERTS_PATH. (Default: nil)