I am experiencing problems executing Vagrant commands behind a corporate proxy server and self-signed CA certificates. I have configured environment variables HTTP_PROXY, HTTPS_PROXY, and HTTP_NO_PROXY variables.
I have a Java key store containing all of the corporate certificates. I have used the -exportcert option of the keytool command with numerous options. I have utilized the openssl command also with numerous options and placed the resulting files in multiple locations within the embedded Ruby directories within the Vagrant installation without any success.
I have read a lot of sites containing information about configuring Ruby and curl but have not had any success in getting Vagrant commands to work. All of the posts I have located focus on Ruby and curl options that I do not understand how to utilize with Vagrant which includes Ruby as an embedded component of Vagrant.
Please provide instructions on how to correctly export certificates from the Java key store and optionally convert them and place the resulting files so that Vagrant will successfully be able to communicate through the corporate proxy to the internet.
Vagrant 1.9.5 on Windows 7
Vagrant installation directory C:\Apps\Vagrant\
C:\WorkArea> vagrant plugin install vagrant.proxyconfERROR: SSL verification error at depth 3: self signed certificate in certificate chain (19)ERROR: Root certificate is not trusted (/C=US/O=xxx xxx/OU=xxx xxx Certification Authority/CN=xxx xxx Root Certification Authority 01 G2) SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)C:\WorkArea> vagrant upBringing machine 'default' up with 'virtualbox' provider...==> default: Box 'puppetlabs/ubuntu-16.04-64-puppet' could not be found. Attempting to find and install... default: Box Provider: virtualbox default: Box Version: >= 0The box 'puppetlabs/ubuntu-16.04-64-puppet' could not be found orcould not be accessed in the remote catalog. If this is a privatebox on HashiCorp's Atlas, please verify you're logged in via`vagrant login`. Also, please double-check the name. The expandedURL and error message are shown below:URL: ["https://atlas.hashicorp.com/puppetlabs/ubuntu-16.04-64-puppet"]Error: SSL certificate problem: self signed certificate in certificate chainMore details here: http://curl.haxx.se/docs/sslcerts.htmlcurl performs SSL certificate verification by default, using a "bundle"of Certificate Authority (CA) public keys (CA certs). If the defaultbundle file isn't adequate, you can specify an alternate fileusing the --cacert option.If this HTTPS server uses a certificate signed by a CA represented inthe bundle, the certificate verification probably failed due to aproblem with the certificate (it might be expired, or the name mightnot match the domain name in the URL).If you'd like to turn off curl's verification of the certificate, usethe -k (or --insecure) option.
