How to make SDK Manager respect our company’s SSL certificate?

Robotics & Edge Computing Jetson & Embedded Systems Jetson AGX Orin
1

Hello!

I’m trying to use NVIDIA SDK Manager on ubuntu inside a corporate environment where HTTPS traffic is intercepted and re-signed by our company’s certificate authority.

When I launch SDK Manager and attempt to log in the browser opens (CA Certificate was added there), login works fine, but sdkmanager immediately says “session expired please log in again”.
The logs say:
error: Failed to get id token from https://login.nvidia.com/…
Error: RequestError: unable to verify the first certificate

I searched the forum and found many people having this problem, still without a solution. Unfortunately i cannot add to those topics as they are closed by now. (See Sdkmanager login problem - #13 by kfawcett for example). I tried the ai generated solutions written in:

SDKMANAGER session expired please log in again - #2 by carolyuu
which all didnt work (commands --ignore-certificate-errors are unknown)

Everything else in the system works, as i added the certificate to the system using:
sudo cp my-company-root-ca.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
→ So apt, curl and so on is working fine but i cant get the sdkmanager to respect it.

My questions are:

  1. Does SDK Manager use its own certificate trust store, separate from the system one?

  2. Is there a supported way to configure SDK Manager to use a custom CA certificate file?

  3. If not, what is the recommended method for running SDK Manager in a corporate environment with SSL interception?

Any guidance or documentation references would be greatly appreciated.

Thanks!

1 Like
5

anyone?

6

We will look into this issue to have the updaate soon.

7

My last flash of my Orin I used sdkmanager --cli and it was straightforward. I wonder if this work around the problem. QR code login option Install with the Command Line — SDK Manager

        When the QR code image appears, scan the code via a camera application on a different device.
        Enter the credentials for your NVIDIA Developer account on that device.
        Once completed, SDK Manager will start.
8

I’m seeing the same thing. My browser opens up. I successfully log-in, but then SDK Manager responds with a timeout message. The log file shows this:

12:00:29.266 - error: Failed to get id token from ``https://login.nvidia.com/token?grant_type=authorization_code&code=...`` Error: RequestError: unable to get local issuer certificate.
12:00:29.267 - info: Event: Login Complete: failed
12:00:29.274 - error: loginManager.login failed: token_rejected

Like the OP, I’m on a corporate-managed computer, which proxies everything. I have the necessary intermediate CA certificate. It is installed in Linux and in my browser, but it would appear that SDK Manager doesn’t look in either of those locations.

So how do I tell it to use my certificate? Or failing that, tell it to ignore the error.