I’m trying to use NVIDIA SDK Manager on ubuntu inside a corporate environment where HTTPS traffic is intercepted and re-signed by our company’s certificate authority.
When I launch SDK Manager and attempt to log in the browser opens (CA Certificate was added there), login works fine, but sdkmanager immediately says “session expired please log in again”.
The logs say:
error: Failed to get id token from https://login.nvidia.com/…
Error: RequestError: unable to verify the first certificate
I searched the forum and found many people having this problem, still without a solution. Unfortunately i cannot add to those topics as they are closed by now. (See Sdkmanager login problem - #13 by kfawcett for example). I tried the ai generated solutions written in:
Everything else in the system works, as i added the certificate to the system using:
sudo cp my-company-root-ca.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
→ So apt, curl and so on is working fine but i cant get the sdkmanager to respect it.
My questions are:
Does SDK Manager use its own certificate trust store, separate from the system one?
Is there a supported way to configure SDK Manager to use a custom CA certificate file?
If not, what is the recommended method for running SDK Manager in a corporate environment with SSL interception?
Any guidance or documentation references would be greatly appreciated.
My last flash of my Orin I used sdkmanager --cli and it was straightforward. I wonder if this work around the problem. QR code login option Install with the Command Line — SDK Manager
When the QR code image appears, scan the code via a camera application on a different device.
Enter the credentials for your NVIDIA Developer account on that device.
Once completed, SDK Manager will start.
I’m seeing the same thing. My browser opens up. I successfully log-in, but then SDK Manager responds with a timeout message. The log file shows this:
12:00:29.266 - error: Failed to get id token from ``https://login.nvidia.com/token?grant_type=authorization_code&code=...`` Error: RequestError: unable to get local issuer certificate. 12:00:29.267 - info: Event: Login Complete: failed 12:00:29.274 - error: loginManager.login failed: token_rejected
Like the OP, I’m on a corporate-managed computer, which proxies everything. I have the necessary intermediate CA certificate. It is installed in Linux and in my browser, but it would appear that SDK Manager doesn’t look in either of those locations.
So how do I tell it to use my certificate? Or failing that, tell it to ignore the error.
Do you have any update on this? Seems like many people are having the same problem and it’s not only in this topic here. I found at least three other topics where people are describing the exact same problem. Is this SDK Manager limitation where it doesn’t respect the local OS Cert store (for example on Ubuntu) or it’s some kinds of a bug?
Thank you for following up on this, and we apologize for the inconvenience and the lack of a prior response.
We do have an internal tracking ticket open to investigate this behavior.
Unfortunately, our team has not yet been able to prioritize the full investigation and implementation of a fix for this issue. At this time, we do not have a supported workaround or an estimated timeframe for when a solution will be available.
We understand this can be frustrating for those working behind corporate proxies, and we appreciate your patience. We will be sure to update this thread as soon as we have any new progress or a potential fix to share.