Allowing custom certificates in okteto cli

Hi, I’m going over Getting Started on Okteto Cloud with PHP tutorial and getting the “certificate signed by unknown authority” error when running “okteto init”. I believe it’s related to the custom zscaler CA that our company defines.
How can I have okteto cli to trust custom CA?
Thanks in advance

➜ php-getting-started git:(main) okteto init
i Using … @ as context
✓ Okteto manifest (okteto.yml) deploy and build configured successfully
? Do you want to launch your development environment? [Y/n]: y
i Building ‘Dockerfile’ in tcp://…
[+] Building 0.0s (0/0)
x Error building service ‘hello-world’: error building image ‘’: build failed: failed to dial gRPC: rpc error: code = Unavailable desc = connection error: desc = “transport: authentication handshake failed: x509: certificate signed by unknown authority”

Hello! Thank you for reaching out. With the release of CLI 2.17 expected on June 21st, we are adding the feature for Okteto CLI to be able to use system trusted CAs.

Thanks @jona
Is there any workaround in the meanwhile? June 21st is a long time from now and it prevents us from evaluating the tool

Maybe there’s a beta version we can try that has it fixed?

I am currently talking with the team internally to see what are the best options as a workaround and will update you soon. Thank you!

Hello, you will be able to make use of this feature by using out Dev Release Channel as explained here: okteto/ at master · okteto/okteto · GitHub

The feature was merged into our master branch today and will be released at 4am UTC and should be available starting tomorrow. Please let us know if you need additional help or if you have other questions, thank you!

Actually, we were able to manually publish the feature in our Dev channel so if you would like to try before tomorrow you should be able to do so. Let us know if you run into any issues!

curl -sSfL | sh
1 Like