When I run wkg on my IT-managed Windows machine I get the following error:
> wkg wit fetch
2026-03-23T19:39:14.001995Z WARN wasm_pkg_client::metadata: Error fetching registry metadata error=RegistryMetadataError(error fetching registry metadata from "https://wasi.dev/.well-known/wasm-pkg/registry.json"
Caused by:
0: error sending request for url (https://wasi.dev/.well-known/wasm-pkg/registry.json)
1: client error (Connect)
2: invalid peer certificate: UnknownIssuer)
My hunch is that the IT configuration requires using the system root CA for HTTP requests, see similar:
There is a related issue asking for extra root certs / accepting invalid certs: #127
I think this issue to trust the system root CA (and while independent the related issue for extra roots / accepting invalid certs) could be handled following the pattern from the spin and servo PRs by leaning on rustls-platform-verifier.
When I run wkg on my IT-managed Windows machine I get the following error:
My hunch is that the IT configuration requires using the system root CA for HTTP requests, see similar:
There is a related issue asking for extra root certs / accepting invalid certs: #127
I think this issue to trust the system root CA (and while independent the related issue for extra roots / accepting invalid certs) could be handled following the pattern from the spin and servo PRs by leaning on
rustls-platform-verifier.