When running snyk CLI functions, for example
snyk auth or
snyk test, especially if running Snyk within a container (eg a pipeline test), the process may fail. Initially the error may show as
An unknown error occurred. Please run with `-d` and include full trace when reporting to Snyk
When running the function with
-d (debug) option, the error shown is:
Cannot read TLS response from mitm'd server x509: certificate signed by unknown authority
Snyk CLI relies on the operating system's CA Certificates.
The CLI processes may fail if the operating system CA certificates are out of date.
For Linux OS which use apt-get:
- Add a
apt-get install -y ca-certificatesstep before running snyk in your pipeline
- If you are running your own image, this can be added in a RUN step within the Dockerfile, after which you will need to build a new image.
If you are using a snyk image - for example snyk/snyk:linux - or a different OS type, please raise a ticket with support and provide debug logs plus the reference to this article.