Resolving GitHub Copilot Sign-In Issues in Eclipse Behind Corporate Firewall
If you’re using the GitHub Copilot plugin for Eclipse (the official one from GitHub) and encounter an error like:
Could not log in with device flow on https://github.com/: unable to get local issuer certificate
…it’s likely due to the plugin’s internal Node.js component not trusting your corporate SSL inspection certificate (commonly used by enterprise firewalls or proxy systems for HTTPS traffic monitoring).
✅ Solution: Use NODE_EXTRA_CA_CERTS
To fix this, follow these steps:
Export your corporate Root CA certificate
Either get it directly from team or Open certmgr.msc
Locate the certificate under Trusted Root Certification Authorities
Export it as Base-64 encoded X.509 (.CER)
Ensure it begins with
-----BEGIN CERTIFICATE-----
Set the environment variable
- Add this as a User Environment Variable in Windows:
Variable name: NODE_EXTRA_CA_CERTSVariable value: Path to exported certificate
⚠️ Ensure the file is in text format with no quotes in the path even if space is present.
Restart Eclipse
Restart Eclipse to apply the change if its already running. GitHub Copilot should now sign in successfully.
🔎 Additional Notes
This fix applies specifically to the official GitHub Copilot plugin, which runs a Node.js-based background server.
Other Git-related features (like clone/push via EGit) typically work because they use system trust stores or Java settings.
For plugin compatibility with your eclipse, refer to GitHub’s official documentation in Eclipse market place.