3

I have VirtualBox 4.3.12 on Windows 8.1 running Ubuntu Trusty 32bit client.

When I try to access HTTPS resources from the client, I see errors like:

Cannot fetch index base URL https://pypi.python.org/simple/

As far as I know, there is no proxy being used. netsh winhttp show proxy shows:

Direct access (no proxy server).

I can access HTTPS resources just fine from the host. I also disabled firewall. I have my company's Symantec protection installed on the computer, but I disabled its firewall as well.

Any ideas?

Victor L
  • 143

2 Answers2

2

When I had this problem it was because the Host computer had CA root certificates that the client didn't have. My VM worked fine when connected to my personal WiFi at home, but when I was at the office, or connected to my VPN I could not access any website that required HTTPS to connect.

For Windows 7 Host with CentOS guest I did the following.

  1. Attempted to access an HTTPS website from within the client.

  2. When the client refused to connect, telling me the certificate is from an untrusted source, I clicked the "Add Exceptions" option. I didn't actually add an exception, but I did need the next popup to resolve the issue.

  3. clicked "View Certificate." Looked at the certificate issuer. Which turned out to be my employer because of the way my company deals with secure traffic on its network.

  4. Switched to my windows Windows Host and started "Certmgr.msc"

  5. Selected the "Trusted Root Certification Authorities" icon in the left pane.

  6. Found all the certs for my company in the right pane (there were 6), and exported them one at a time via, Right Click -> All Tasks -> Export. A Wizard opened up and I chose "DER encoded binary" for each certificate, and I selected a directory that was shared between the Host and Guest as the location for saving the certs.

  7. I switched to the host and converted all the .cer certificates to .pem files via:

    openssl x509 -inform der -in certificate.cer -out certificate.pem

  8. I placed them all in the following directory:

    /etc/pki/ca-trust/source/anchors/

  9. I ran a certificate update

    sudo update-ca-trust

And that is it. The basic problem was that my work IT system was catching encrypted traffic and reissuing the cert, but since my VM Guest didn't have my company's certs listed as root authorities anything requiring the certs was being identified as untrusted. Hope that helps some of you

Glorfindel
  • 4,158
Semicolons and Duct Tape
  • 121
0

I faced the same issue. In chrome when the error appears i clicked on the error to find the exact cert authority name.

On host, I went to chrome://settings -> certificates -> authorities and exported that specific authority and then I imported that file in chrome of the guest os.

anony
  • 101