Some enterprises use SSL inspection as part of their networking environment, to inspect, track, and control network traffic.
With SSL inspection, the web proxy acts as the server to the actual client, and then acts as the client to the actual server. To prevent the client from seeing a security warning, the web proxy must present a valid SSL/TLS certificate to the client on behalf of the server. Without a valid SSL/TLS certificate, the client might not trust the web proxy, and might block or warn the user that their connection isn’t secure.
SSL inspection is sometimes associated with a machine-in-the-middle (MITM).
It’s assumed that your web proxy that uses SSL inspection is already set up. It’s also assumed that client computers are configured at the operating system level to accept the SSL/TLS certificate so they can communicate with the web proxy.
Even with certificates trusted at the operating system level, client computers must be configured to:
As an alternative, you can define exceptions on your web proxy so that Unity URLs aren’t subject to SSL inspection.
To enable Unity Package Manager operations with a web proxy that uses SSL inspection, you must set the NODE_EXTRA_CA_CERTS
environment variable or set certificates with a configuration file.
The certificate file must be distributed to each computer running Unity. Then, the NODE_EXTRA_CA_CERTS
environment variable must be set so its value points the absolute path of the certificate file. Whether you do this manually or use a more scalable method, the certificate and environment variable must be set on each device that communicates with the web proxy. Follow these general steps:
.pem
file to each computer that has an instance of Unity.NODE_EXTRA_CA_CERTS
environment variable in a command file. Refer to Create a command file to set environment variables and open applications.In the following examples, mycert.pem
is the name of the certificate, and it exists in the user’s home directory.
set NODE_EXTRA_CA_CERTS=C:\Users\username\mycert.pem
export NODE_EXTRA_CA_CERTS=/Users/username/mycert.pem
You can find more information about the NODE_EXTRA_CA_CERTS
environment variable in the Node.js documentation.
Follow this process if you’re unable to set certificates with the NODE_EXTRA_CA_CERTS
environment variable to enable Unity Package Manager operations.
Note: Whether you add or update the configuration file manually or by using a more scalable method, you must apply the addition or update to each client computer.
Locate the upmconfig.toml
global configuration file. If the file doesn’t already exist, create an empty text file.
Create a text file with one or more certificates for custom certificate authorities. The file must consist of one or more trusted certificates in the Privacy-Enhanced Mail (PEM) format. For example:
-----BEGIN CERTIFICATE-----
MIIC+zCCAeOgAwIBAgIJAO0U6hVJnbvjMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCWxvY2FsaG9zdDAeFw0xOTAzMTIwMTIxMzRaFw0yOTAzMDkwMTIxMzRaMBQx
(additional lines omitted for conciseness)
LFwHSUdqk0lJK4b0mCwyTHNvYO1IDziE5EKwfuaKVgOa62iCHVahgIVa+een4EfS
hCCr3M3cq11Mi+mnRi1scxxrOno4OEEChWg2szZLlxBrkVJllrrq620XJ6RLB/8=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
(additional lines omitted for conciseness)
H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
-----END CERTIFICATE-----
Unity はファイルシステム上のどの場所でもサポートしていますが、このファイルは、できればグローバルコンフィグレーションファイルと同じフォルダーに保存してください。
グローバル構成ファイルに caFile キーを追加し、その値を PEM ファイルへの絶対ファイルパスとして設定します。重要: TOML ファイルで Windows のパスを設定するときは、フォワードスラッシュ (/
) またはダブルバックスラッシュ (\\
) を使用してください。シングルバックスラッシュ (\
) は、エスケープシーケンスを示す特殊文字であり TOML 解析エラーの原因となるため、使用しないでください。
Windows の例
caFile = "C:\\ProgramData\\Unity\\config\\cert.pem"
macOS と Linux の例
caFile = "/etc/cert.pem"
Did you find this page useful? Please give it a rating:
Thanks for rating this page!
What kind of problem would you like to report?
Thanks for letting us know! This page has been marked for review based on your feedback.
If you have time, you can provide more information to help us fix the problem faster.
Provide more information
You've told us this page needs code samples. If you'd like to help us further, you could provide a code sample, or tell us about what kind of code sample you'd like to see:
You've told us there are code samples on this page which don't work. If you know how to fix it, or have something better we could use instead, please let us know:
You've told us there is information missing from this page. Please tell us more about what's missing:
You've told us there is incorrect information on this page. If you know what we should change to make it correct, please tell us:
You've told us this page has unclear or confusing information. Please tell us more about what you found unclear or confusing, or let us know how we could make it clearer:
You've told us there is a spelling or grammar error on this page. Please tell us what's wrong:
You've told us this page has a problem. Please tell us more about what's wrong:
Thank you for helping to make the Unity documentation better!
Your feedback has been submitted as a ticket for our documentation team to review.
We are not able to reply to every ticket submitted.