I am trying to install extensions for VSCode. But getting unable to get local issuer certifiate.
my settings.json
// Place your settings in this file to overwrite the default settings { // Controls the font family.
"editor.fontFamily": "Consolas",
// Controls the font size.
"editor.fontSize": 12,
//Setting corporate proxy
"http.proxy": "http://proxy_servr:3128",
"https.proxy": "http://proxy_servr:3128",
//Disable SSL Verification
"http.proxyStrictSSL": false }
In VS code:
Click File -> Preferences ->Settings
{
"http.proxyStrictSSL":false,
"http.proxy":"http://USERID:PASSWORD#proxy.domain.com:3128"
}
It appears that you have not added authentication credentials to http.proxy
Edit %AppData%/Roaming/Code/User/settings.json, adding:
{
...
"http.proxyStrictSSL":false,
...
}
This could be a DHCP problem on your system. I was seeing the same and similar error messages trying to update and install NPM packages in my Window WSL2 Ubuntu terminal. After running sudo echo nameserver 8.8.8.8 > /etc/resolv.conf I was able to install and update packages again. I spent days trying to troubleshoot this and never thought to check for DNS issues.
All the above answers open security risks, because you are downloading from internet without checking that the Server Certificate Chain is correct. Using such practices open different hack possibilities that you would like to avoid.
The better way to do it is to properly configure the Server Certificate Chain on your system (this is different from OS to OS) and remove the config "http.proxyStrictSSL":false, from your setting.
To make this working with the extensions installation, I found that you have to override the "Proxy Support" for extensions. Weirdly with "on" doesn't work for me.
Now with this config I can download securely extensions on the host like as well in docker containers used for remote execution.
Related
I installed the GitHub copilot but the extension do not work, always show the following error :
What could I do to solve this ?
Copilot error: “GitHub Copilot could not connect to server. Extension activation failed: self-signed certificate in certificate chain” is generally caused using CoPilot behind a Corporate network.
Most corporate networks have a ‘Man-in-the-middle’ appliance that dynamically breaks open all secure SSL traffic leaving home to enter the internet. This ensures they can inspected any traffic leaving, including your online banking. Usually automation scrubs the traffic looking for theft of company secrets or IP and raises alerts. It all gets logged and reviewed further if need be.
This action leaves behind a fake cert chain as a fingerprint. The cert for the called site is replaced with a fake, and one signed by the company’s own private CA authority. Hence the self-signed cert in the cert chain error.
From any company device (Phones\Laptop) the company CA is already installed as a trusted CA. So the local browsers and other desktop apps trust this faked cert chain - and so do not raise any concerns someone is snooping your secure network traffic (the company does own the network and the device).
By default VSCode is not trusting the installed desktop certs, and so it noticed that the GitHub cert is no longer signed by a trusted public CA authority.
As Rypox states above, the VSCode extension ‘Win-CA’ (must be set to ‘append’ mode) solves this issue. It tells VSCode to also trust the CA’s installed on the employees desktop. This makes VSCode happy again trusting the fake cert chain. No 'whitelisting' needed and not 'VPN' related. But certinly not that obvious either. An interesting CA trust issue.
Confirming this does exist is easy from your browser. Go to any outside site (like Amazon) and review the sites “Cert” to see who the CA’s are (Certification Path). It should ‘not’ contain any reference to your company. Look at that same cert from outside the company network on your own personal laptop.
… “bit of a glitch in the Matrix”, installing Win-CA helps hides it again and all looks back to normal.
Had the same issue with a corporate proxy, the win-ca extension resolved it.
In settings switch to append mode (it's not the default)
Restart VsCode
PS: this is a windows only solution (for mac see another post - self signed certificate in certificate chain on github copilot)
On macOS, you can use this script to monkey patch the Copilot extension to make this work:
_VSCODEDIR="$HOME/.vscode/extensions"
_COPILOTDIR=$(ls "${_VSCODEDIR}" | grep -E "github.copilot-[1-9].*" | sort -V | tail -n1) # For copilot
_COPILOTDEVDIR=$(ls "${_VSCODEDIR}" | grep "github.copilot-nightly-" | sort -V | tail -n1) # For copilot-nightly
_EXTENSIONFILEPATH="${_VSCODEDIR}/${_COPILOTDIR}/dist/extension.js"
_DEVEXTENSIONFILEPATH="${_VSCODEDIR}/${_COPILOTDEVDIR}/dist/extension.js"
if [[ -f "$_EXTENSIONFILEPATH" ]]; then
echo "Found Copilot Extension, applying 'rejectUnauthorized' patches to '$_EXTENSIONFILEPATH'..."
perl -pi -e 's/,rejectUnauthorized:[a-z]}(?!})/,rejectUnauthorized:false}/g' ${_EXTENSIONFILEPATH}
sed -i.bak 's/d={...l,/d={...l,rejectUnauthorized:false,/g' ${_EXTENSIONFILEPATH}
else
echo "Couldn't find the extension.js file for Copilot, please verify paths and try again or ignore if you don't have Copilot..."
fi
if [[ -f "$_DEVEXTENSIONFILEPATH" ]]; then
echo "Found Copilot-Nightly Extension, applying 'rejectUnauthorized' patches to '$_DEVEXTENSIONFILEPATH'..."
perl -pi -e 's/,rejectUnauthorized:[a-z]}(?!})/,rejectUnauthorized:false}/g' ${_DEVEXTENSIONFILEPATH}
sed -i.bak 's/d={...l,/d={...l,rejectUnauthorized:false,/g' ${_DEVEXTENSIONFILEPATH}
else
echo "Couldn't find the extension.js file for Copilot-Nightly, please verify paths and try again or ignore if you don't have Copilot-Nightly..."
fi
Save as something like monkey-patch-copilot.sh, then chmod +x monkey-patch-copilot.sh. You should then be able to run: ./monkey-patch-copilot.sh to apply the patch.
Note: I am not the original author. This was found on the Copilot feedback forum.
For any MacOS users, the VSCode extension linhmtran168.mac-ca-vscode can help as well with this. It is similar to the previously mentioned win-ca.
https://marketplace.visualstudio.com/items?itemName=linhmtran168.mac-ca-vscode
This looks like a similar error to what I am getting. I believe that the source of this in our corporate network is a ssl inspection process such that when the https traffic is opened and inspected that it breaks the certificate chain and this error shows up. A fix would be to add the GitHub Copilot servers to the ssl inspection whitelist so that that traffic is not inspected.
Corporate VPN was the problem (same as #mark-derry's).
Jetbrain's PyCharm / DataSpell allows to accept self signed certificates.
VSCode doesn't seem to have this option yet.
I found a solution for this which works for me in case of Intellij. I have blogged about it at https://sidd.io/2023/01/github-copilot-self-signed-cert-issue/
At a high level I think the architecture of the plugin might be same :
IDE Native CoPilot Plugin ---making RPC call---> NodeJS based CoPilot Agent
And this NodeJS based CoPilot Agent agent has issues with the Self Signed Certs (at least in my case).
Fix is as follows :
Export the self-signed certificate in discussion
Convert it into .pem format if not already
Export the path of this .pem cert to NODE_EXTRA_CA_CERTS variable
Restart your IDE and it should work
Easy!
Method 1 : just excute this code.
git config --global http.sslVerify false
Method 2:
FOllow this guide! and Thank me later because I have saved you a time of husel ? :) . you're welcome!
https://mattferderer.com/fix-git-self-signed-certificate-in-certificate-chain-on-windows
I'm a new one just start to learn and install RabbitMQ on Windows System.
I install Erlang VM and RabbitMQ in custom folder, not default folder (Both of them).
Then I have restarted my computer.
By the way,My Computer name is "NULL"
I cd to the RabbitMQ/sbin folder and use command:
rabbitmqctl status
But the return message is:
Status of node rabbit#NULL ...
Error: unable to perform an operation on node 'rabbit#NULL'.
Please see diagnostics information and suggestions below.
Most common reasons for this are:
Target node is unreachable (e.g. due to hostname resolution, TCP connection or firewall issues)
CLI tool fails to authenticate with the server (e.g. due to CLI tool's Erlang cookie not matching that of the server)
Target node is not running
In addition to the diagnostics info below:
See the CLI, clustering and networking guides on http://rabbitmq.com/documentation.html to learn more
Consult server logs on node rabbit#NULL
DIAGNOSTICS
attempted to contact: [rabbit#NULL]
rabbit#NULL:
connected to epmd (port 4369) on NULL
epmd reports node 'rabbit' uses port 25672 for inter-node and CLI tool traffic
TCP connection succeeded but Erlang distribution failed
Authentication failed (rejected by the remote node), please check the Erlang cookie
Current node details:
node name: rabbitmqcli70#NULL
effective user's home directory: C:\Users\Jerry Song
Erlang cookie hash: 51gvGHZpn0gIK86cfiS7vp==
I have try to RESTART RabbitMQ, What I get is:
ERROR: node with name "rabbit" already running on "NULL"
By the way,My Computer name is "NULL"
And I have enable all ports in firewall.
https://groups.google.com/forum/#!topic/rabbitmq-users/a6sqrAUX_Fg
describes the problem where there is a cookie mismatch on a fresh installation of Rabbit MQ. The easy solution on windows is to synchronize the cookies
Also described here: http://www.rabbitmq.com/clustering.html#erlang-cookie
Ensure cookies are synchronized across 1, 2 and Optionally 3 below
%HOMEDRIVE%%HOMEPATH%\.erlang.cookie (usually C:\Users\%USERNAME%\.erlang.cookie for user %USERNAME%) if both the HOMEDRIVE and HOMEPATH environment variables are set
%USERPROFILE%\.erlang.cookie (usually C:\Users\%USERNAME%\.erlang.cookie) if HOMEDRIVE and HOMEPATH are not both set
For the RabbitMQ Windows service - %USERPROFILE%\.erlang.cookie (usually C:\WINDOWS\system32\config\systemprofile)
The cookie file used by the Windows service account and the user running CLI tools must be synchronized by copying the one from C:\WINDOWS\system32\config\systemprofile folder.
If you are using dedicated drive folder locations for your development tools/software in Windows10(Not the windows default location), one way you can synchronize the erlang cookie as described by https://www.rabbitmq.com/cli.html is by copying the cookie as explained below.
Please note in my case HOMEDRIVE and HOMEPATH environment variables both are not set.
After copying the "C:\Windows\system32\config\systemprofile\.erlang.cookie" to "C:\Users\%USERNAME%\.erlang.cookie" ,
the error "tcp connection succeeded but Erlang distribution failed" is resolved.
Now I am able to use "rabbitmqctl.bat status" command successfully. Hence there is no mandatory need to install in default location to resolve this error as synchronizing cookie will resolve that error.
In my case similar issue (Authentication failed because of Erlang cookies mismatch) solved by copying .erlang.cookie file from Windows system dir - C:\Windows\system32\config\systemprofile\.erlang.cookie to %HOMEDRIVE%%HOMEPATH%\.erlang.cookie (where %HOMEDRIVE% was set to H: and %HOMEPATH% to \ respectively)
Quick setup TODO for Windows, Erlang OTP 24 and RabbitMQ 3.8.19:
Download & Install Erlang [OTP 24] (needs Admin rights) from:
https://www.erlang.org/downloads
set ERLANG_HOME (should point to install dir)
Download & Install recent [3.8.19] RabbitMQ (needs Admin rights) from:
https://github.com/rabbitmq/rabbitmq-server/releases/
Follow: https://www.rabbitmq.com/install-windows.html and/or
https://www.rabbitmq.com/install-windows-manual.html
set RABBITMQ_SERVER (should point to install dir)
update %PATH% by adding: ;%RABBITMQ_SERVER%\sbin
Fix Erlang-cookie issue from above, follow: https://www.rabbitmq.com/cli.html#erlang-cookie
Enable Web UI by running command: %RABBITMQ_SERVER%/sbin/rabbitmq-plugins.bat enable rabbitmq_management
From item #8 (above) got error because of missing file: %USERPROFILEDIR%/AppData/Roaming/RabbitMQ/enabled_plugins -> had to create it and run %RABBITMQ_SERVER%/sbin/rabbitmq-plugins.bat enable rabbitmq_management again!
Run/restart on the way might be required
Finally, login to: http://localhost:15672/ (guest:guest)
, or check by cURL:
curl -i -u guest:guest http://localhost:15672/api/vhosts
should receive response like:
HTTP/1.1 200 OK
cache-control: no-cache
content-length: 186
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';
object-src 'self'
content-type: application/json
date: Tue, 13 Jul 2021 11:21:12 GMT
server: Cowboy
vary: accept, accept-encoding, origin
[{"cluster_state":{"rabbit#hostname":"running"},"description":"Default virtual host","metadata":{"description":"Default virtual host","tags":[]},"name":"/","tags":[],"tracing":false}]
P.S. Some useful RabbitMQ CLI commands (copy-paste):
%RABBITMQ_SERVER%/sbin/rabbitmqctl start_app
%RABBITMQ_SERVER%/sbin/rabbitmqctl stop_app
%RABBITMQ_SERVER%/sbin/rabbitmqctl status
P.P.S. UPDATE: great article for this subject: https://www.journaldev.com/11655/spring-rabbitmq
I have reinstalled the RabbitMQ in my computer by using default setup folder
Then checked with the command :
rabbitmqctl status
It works now, not the problem of Erlang VM .(Means Er can install at another folder)
It will cause some problem (like this one) that I couldn't find out now if we don't use the RabbitMQ default setup require folder (C:\Program Files\RabbitMQ Server)
If anyone finds it out, I hope you can tell me why and how to fix.
How I resolved mine
It's mostly caused by cookie mismatch on a fresh installation of Rabbit MQ
follow this 2 steps
1. copy the .erlang.cookie file from C:\Windows\System32\config\systemprofile paste it into
C:\Users\["your user nameusername"] folder
2. run rabbitmq-service.bat stop and rabbitmq-service.bat start
Done it should work now when you run 'rabbitmqctl start_app' good luck.
note if you have more than one user put it in the correct user folder
In Centos.
add ip nodename pair to /etc/hosts on each node.
restart rabbitmq-server service on each slave node.
works for me.
i got error like this, i just stop my rabbitMQ with close port 25672
here syntax for linux:
kill -9 $(lsof -t -i:25672)
Error Images:
Just adding my experience if it helps others down the line.
I wrote a Powershell .ps1 script to install and configure RabbitMQ which would be used as one of the stept to provision a server with Packer.
I wrote the code on a fresh AWS W2016 Server build. It worked fine when run on the box (as administrator, from an admin PS console) but when the same code was moved over to the Packer build server, it would fall over when doing the rabbitmqctl.bat configuration steps via packer, despite both using (as far as I can tell) Administrator to run the scripts.
So this worked on the coding box:
$pathvargs = {cmd.exe /c "rabbitmqctl.bat" add_user Username Password}
Invoke-Command -ScriptBlock $pathvargs
$pathvargs = {cmd.exe /c "rabbitmqctl.bat" set_user_tags User administrator}
Invoke-Command -ScriptBlock $pathvargs
$pathvargs = {cmd.exe /c "rabbitmqctl.bat" set_permissions -p "/" User "^User-.*" ".*" ".*"}
Invoke-Command -ScriptBlock $pathvargs
Write-Host "Did RabbitMQ"
But I had to prelude this with...
copy "C:\Windows\system32\config\systemprofile\.erlang.cookie" "C:\Program Files\RabbitMQ Server\rabbitmq_server-3.7.17\sbin\.erlang.cookie"
copy "C:\Windows\system32\config\systemprofile\.erlang.cookie" $env:userprofile\.erlang.cookie -force
... On the Packer box.
I am guessing there is some context issue going on but I'm using
"winrm_username": "Administrator",
in the Packer builders block, so I thought this would suffice.
TL;DR - Use the Cookie even though it works without it in some instances.
I have encountered the same error after installing Erlang VM and RabbitMQ using the default installation folders in Windows 10. Managed to start the management and access it via HTTP, but status failed with this error.
The cookie was fine in all folders (%HOMEDRIVE%%HOMEPATH%, %USERPROFILE%, C:\WINDOWS\system32\config\systemprofile).
I had to perform a restart the Windows to make it work. After restart it set up something to run at startup + asked permission to make an exception in the firewall.
In my case, the file was at c:\\Windows\.erlang.cookie, just copied it to C:\Users{USERNAME} and all works, thanks to everyone for the hits
Another thing to check after making sure the cookie file is in all the locations.. is to realize that you installed 32 bit Erlang.. not 64..
Happened to me. Removed 32 bit Erlang and Installed 64 and rabbitmqctl status returns expected results.
I followed the steps of this tutorial:
http://www.ibm.com/smarterplanet/us/en/ibmwatson/developercloud/doc/ega_docs/dialog_ega.shtml#ega_getstart_setup
until the step 3h (Account validation), which leads to following error:
“Client error – 407 Proxy Authorization required”.
(I am behind a company proxy)
I use Eclipse Mars 4.5.2 and IBM Bluemix Tools 1.0.10.v20160406_1758.
What i have already done:
-Of course I have Bluemix account that works perfectly fine.
-I have filled in the HTTP and HTTPS info within the Eclipse proxy settings (General->network settings) and cleared the SOCK-field. I can therefore install new software and use the eclipse marketplace for instance.
-Set the proxy at the http_proxy/https_proxy at the Windows system variables, therefore I can use the Bluemix command line tool and login to Bluemix.
-Experimenting with adding various lines at the eclipse.ini as in the following:
-Dorg.eclipse.ecf.provider.filetransfer.excludeContributors=org.eclipse.ecf.provi der.filetransfer.httpclient
-Dhttp.proxyPort=8080
-Dhttp.proxyHost=YYY.com
-Dhttp.proxyUser=uid123
-Dhttp.proxyPassword=XXX
-Dhttps.proxyPort=8080
-Dhttps.proxyHost=YYY.com
-Dhttps.proxyUser=uid123
-Dhttps.proxyPassword=XXX
-Dhttp.nonProxyHosts=localhost|127.0.0.1
-Dorg.eclipse.ecf.provider.filetransfer.retrieve.closeTimeout=3000
-Dorg.eclipse.ecf.provider.filetransfer.retrieve.readTimeout=3000
The command "nslookup api.ng.bluemix.net" returns:
Server: AAA.de Address: aa.bbb.cd.ef
Not authorized answer:
Name: ng.bluemix.net Address: 75.126.70.44 Aliases: api.ng.bluemix.net
Any suggestions how to successfully use the Eclipse Bluemix Plugin?
Based on the error, it looks like you have authentication error on accessing the proxy itself. The Bluemix Tools does not use the command line interface (CLI) to communicate with the Bluemix server. Therefore, proxy settings are not setup in Eclipse even if you have it working using the CLI.
In Eclipse, all the proxy settings can be done from the Preference page. There is no need to change eclipse.ini so you can restore the eclipse.ini file to the original before changing the preference setting. You can find the corresponding preference page in Window>Preferences>General>Network Connection. Then, change the "Active Provider" to "Manual" and edit the HTTP and HTTPS port proxy settings as needed.
In the Edit Proxy Entry dialog, you can input the proxy authentication information by selecting Requires Authentication checkbox and input the user/password.
I set up a GIT server (Gitblit) that uses HTTPS client authentication. I have a working configuration and key material with the standard GIT client on Linux (Debian).
Until now I didn't figure out how to correctly configure:
The standard GIT client (command line, v1.9.5) on Windows (Win7 64)
Eclipse (Luna) with EGit.
For Windows 7, I successfully used these parameters:
[http "https://git.repository.net"]
proxy = proxy.to.use:1234
sslCert = "C:/Path/to/mycert.crt"
sslKey = "C:/Path/to/mycert.key"
sslVerify = true
sslCertPasswordProtected = false
Be sure to not forget the quotes, or you will run into trouble with forward slashes.
I think git will also prompt you for the password, if you leave one on the key, but I'm not sure how well it can cache, and for me it got old quick to re-enter that password routinely.
Regarding Eclipse: I can at least verify, that the current SimRel 2018-9 doesn't work with that .gitconfig, so I'm still looking for a way to make it work.
I'm trying to get the GitHub client for Windows working. I am on a corporate Win 7 x64 computer behind a corporate proxy and firewall. Following various other posts and experimenting with multiple combinations of environment variables and config variables I have found the only way to get cloning and push updates to work is by using the HTTPS_PROXY environment variable, including my full corporate domain user ID and password.
This is unacceptable from a security standpoint. Is there any other way to get this to work?
Additional notes:
The following worked:
Add an environment variable called HTTPS_PROXY with the value http://[domain]\[userid]:[password]#someproxy.mycorp.com:8080
The following did not work:
Omitting user id and password from HTTPS_PROXY variable
Using an environment variable called HTTP_PROXY (no S)
Adding the http.proxy variable to the global config file (.gitconfig)
Adding the https.proxy variable to the global config file
In all cases, the GitHub client still does not recognize the proxy: The content of the file TheLog.txt always shows the following on startup:
[time]|INFO|thread:4|GitHub.Helpers.StartupLogger|Proxy information: (None)
[time]|INFO|thread:4|GitHub.Helpers.StartupLogger|Couldn't fetch creds for proxy
And is followed by the output of several failed proxy authentication attempts, all of which indicate "Credentials are missing."
Add these entries to your '.gitconfig' file in your user directory (go to %USERPROFILE%):
[http]
proxy = http://<proxy address>:<proxy port>
[https]
proxy = https://<proxy address>:<proxy port>
And if you don't want to store your password in plaintext, I would use a local proxy forwarder like CNTLM which allows you to direct all traffic through it and can store the passwords hashed.
Unlike the original question, if you don't care if your password is in plain text add these:
[http]
proxy = http://<username>:<password>#<proxy address>:<proxy port>
[https]
proxy = https://<username>:<password>#<proxy address>:<proxy port>
Tried everything of above - and didn't succeed, only thing that helped me is CNTLM - http://cntlm.sourceforge.net/.
Install it and run cntlm -H, than authenticate to corp proxy, edit cntlm.ini file with the output of cntlm, restart the windows service. Update .gitconfig with:
[https] proxy = localhost:3128
[http] proxy = localhost:3128
Now cntlm will do all the authentication, and you'll be able to use GitHub(and Dropbox, btw) behind the corp proxy. At least until next password change :) (than do cntlm -H stuff again)
I was able to make GitHub Shell to work with our corporate proxy. I'm starting GitHub Shell and execute following command:
export http_proxy=http://<username>:<password>#<corporate proxy>:3128
I would really like to make GUI to work too. But I don't want to set Windows global environment variable which contains my corporate credential information.
Strangely GitHub GUI Client is able to connect to GitHub for user authentication, but only problem is with cloning, pulling and pushing projects from and into GitHub. It seems like the problem is with git implementation. I was able to configure git to run through our proxy without putting my credentials in the git global settings and it was asking for my credentials while performing pull or push requests. But that was working only in Git Shell.
If you’re using GitHub for Windows in a corporate, chances are high that you’re behind a big bad Corporate Firewall/Proxy. GitHub for Windows doesn’t yet have the proxy parameters in its GUI for setting Options.
To configure GitHub for Windows to use your corporate proxy, edit the .gitconfig file typically found at C:\Users\.gitconfig or C:\Documents & Settings\.gitconfig
Close GitHub for Windows; In .gitconfig, just add
[https]
proxy = proxy.yourcompany.com:port
I've also run into this issue, and tried to dig into it a bit as well (disassembled the client).
The piece of code that generates the log messages we're seeing is as follows:
private static void LogProxyServerConfiguration()
{
WebProxy defaultProxy = WebProxy.GetDefaultProxy();
string str = defaultProxy.Address != (Uri)null ? defaultProxy.Address.ToString() : "(None)";
StartupLogger.log.Info((IFormatProvider)CultureInfo.InvariantCulture, "Proxy information: {0}", str);
try
{
if (defaultProxy.Credentials == null)
{
StartupLogger.log.Info((IFormatProvider)CultureInfo.InvariantCulture, "Couldn't fetch creds for proxy", new object[0]);
}
else
{
NetworkCredential credential = defaultProxy.Credentials.GetCredential(GitHubClient.GitHubDotComUri, "Basic");
StartupLogger.log.Info((IFormatProvider)CultureInfo.InvariantCulture, "Proxy is authenticated: {0}", credential != null && !string.IsNullOrWhiteSpace(credential.UserName));
}
}
catch (Exception ex)
{
StartupLogger.log.InfoException("Couldn't fetch creds for proxy", ex);
}
}
So this block only logs the proxy information that's setup in IE. The log message appears to have no bearing on what we have setup in the config files or environmental variables.
i dont know about your firewall, but my campus use proxy
do you use any git gui? EDIT : just noticed that you're using github client for windows
i am using tortoisegit and its very easy to set the proxy. Just right click anywhere, tortoisegit>network, enable proxy server and set server address, username, and password. done
as far as i remember, tortoisegit will also works out-of-the-box with github.
Here is the way to set proxy in github
git config --global http.proxy http://<username>:<pass>#<ip>:<port>
git config --global https.proxy http://<username>:<pass>#<ip>:<port>
Here in my college we don't have username and password, so if our college
ip is 172.16.10.10 and
port is 8080
git config --global http.proxy http://172.16.10.10:8080
git config --global https.proxy http://172.16.10.10:8080
P.S -> I would recommend using this method to set proxy as things will fall into place as you will learn further
Source
I found this blog to be useful. It describes ntlmaps proxy. It's probably less secure, but worked smoothly. I couldn't get cntlm working.
For us, the solution involved two different things. First, as described in Sogger's answer, you need to add the entries to your .gitconfig file, located in %USERPROFILE%.
[http]
proxy = http://<proxy address>:<proxy port>
[https]
proxy = https://<proxy address>:<proxy port>
Second, (and this was the missing piece for us,) you need to configure an exception on the proxy server to allow non-authenticated proxy traffic to *.github.com
In iPrism, it looks like this:
The problem is not so much the proxy, but the authentication. Bypassing the authentication requirement allows the needed communication to clone and work with projects using the GitHub desktop client.
Also note that this approach did not require storing proxy credentials in the .gitconfig file.
In case you need to force Git or GitHub client to bypass the proxy (use the direct connection), just set the proxy URI in the .gitconfig to an empty string. You'll probably have to edit the file manually, I didn't manage to persuade the git config command to set the value of a configuration directive to an empty string (tried git config --global http.proxy "").
So just add the following lines to the ~/.gitconfig:
[http]
proxy = ""
[https]
proxy = ""