Version: 2023.3
Language : English
Configuration
Scoped registry authentication

Solving network issues

Use these procedures to:

Configuring your firewall

Add these to your firewall’s list of allowed domains:

  • packages.unity.com
  • download.packages.unity.com
  • upm-cdn.unity.com (or upm-cdn-china.unitychina.cn for locations in China)

This ensures that the Unity Package Manager can access these domain names using HTTPS.

Tip: Refer to your operating system’s help to learn how to add a domain name to the firewall’s safe list.

Configuring your proxy server

When using a proxy server, configure the HTTP_PROXY and HTTPS_PROXY environment variables for the Unity Package Manager to use when performing requests against the Unity package registry. For more information, refer to Use environment variables to identify your proxy server.

You can set these variables globally (either system or user variables) according to your operating system. Alternatively, you can create a command file to set these environment variables and launch the Hub.

For environments where you are behind a proxy server using a certificate that Package Manager doesn’t recognize, you can configure a custom certificate authority.

Custom certificate authority

In some organizations, users can only access the internet through a proxy server. Some proxies unpack the HTTPS content and repack it with their own SSL certificate. Unity Package Manager’s underlying HTTPS layer sometimes rejects these certificates because it doesn’t recognize the certificate authority that emitted them. When this happens, the Package Manager treats the connection as a possible machine-in-the-middle attack (MITM). This means that you can’t use many features in Unity, including the Package Manager, unless you configure additional SSL certificate authorities to allow these certificates.

To configure additional SSL certificate authorities:

  1. Locate the upmconfig.toml global configuration file. If the file doesn’t already exist, create an empty text file.

  2. Create a text file with one or more certificates for custom certificate authorities. The file must consist of one or more trusted certificates in the Privacy-Enhanced Mail (PEM) format. For example:

    -----BEGIN CERTIFICATE-----
    MIIC+zCCAeOgAwIBAgIJAO0U6hVJnbvjMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
    BAMMCWxvY2FsaG9zdDAeFw0xOTAzMTIwMTIxMzRaFw0yOTAzMDkwMTIxMzRaMBQx
    (additional lines omitted for conciseness)
    LFwHSUdqk0lJK4b0mCwyTHNvYO1IDziE5EKwfuaKVgOa62iCHVahgIVa+een4EfS
    hCCr3M3cq11Mi+mnRi1scxxrOno4OEEChWg2szZLlxBrkVJllrrq620XJ6RLB/8=
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
    MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
    (additional lines omitted for conciseness)
    H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
    +o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
    -----END CERTIFICATE-----
    
  3. Save this file to the same folder as the global configuration file if possible, although Unity supports any location on the file system.

  4. In the global configuration file, add the caFile key and set its value as an absolute file path to your PEM file. Important: When setting Windows paths in TOML files, use forward slashes (/) or double backslashes (\\). Don’t use single backslashes (\) because they’re special characters which mark escape sequences and can cause TOML parsing errors.

    Windows example

    caFile = "C:\\ProgramData\\Unity\\config\\cert.pem"
    

    macOS and Linux example

    caFile = "/etc/cert.pem"
    

Additional resources

Configuration
Scoped registry authentication
Copyright © 2023 Unity Technologies
优美缔软件(上海)有限公司 版权所有
"Unity"、Unity 徽标及其他 Unity 商标是 Unity Technologies 或其附属机构在美国及其他地区的商标或注册商标。其他名称或品牌是其各自所有者的商标。
公安部备案号:
31010902002961