Asher

Originally we generated the certificate on Windows using `New-SelfSignedCertificate` in Powershell but here is an `openssl` command that reproduces the same bug: ```console openssl req -x509 -nodes -newkey rsa:2048 \...

After some more testing I believe the reason it does not affect Chrome is because it accepts partial chains and that circumvents the `UNABLE_TO_VERIFY_LEAF_SIGNATURE` error. Node on the other hand...

Thanks for the confirmation! I was looking into putting together a patch for BoringSSL but I have not yet had the time. I think the change itself would be fairly...

Still reproduces in 28.1.1.

Still reproduces in 29.2.0.

Thanks for the comment! I think #41689 is unrelated; in the test reproduction we are already passing in the CA so `NODE_EXTRA_CA_CERTS` may not give us anything extra (but entirely...

If I recall correctly, I got some error when running `gclient sync`, but I will try to find time to give it another go. :crossed_fingers: After confirming the patch has...

Are you saying the expectation is that there should be no password prompt at all? The `PASSWORD` environment variable only tells code-server what password the user needs to send in...

Or, are you saying the problem is that the same cookie for 4.18 is not working for 4.21? That does seem odd. I do not think we made any changes...

Are you able to download and extract https://github.com/coder/code-server/releases/download/v4.23.1/code-server-4.23.1-linux-amd64.tar.gz on that remote machine? And does it happen consistently? I wonder if it was some network blip that corrupted the file.