FAQ
- How do I see the logs of the extensions?
- I'm getting "TLS Error: unable to verify the first certificate" in the On-Prem Agent logs
- I'm getting "TLS Error: unable to verify the first certificate" in Swimm IDE Server logs in my IDE
- I don't know what certificates I need to mount into the On-Prem Agent
- I can't figure out what certificate to use in the On-Prem Agent to fix "TLS Error: unable to verify the first certificate"
- I'm seeing "Cannot read properties of null (reading 'versions')" in the On-Prem Agent logs /* TODO We should really have a better error for this, this is embarrassing */
- In the IDE logs (Swimm Server), I'm seeing "FetchError: request to https://… failed, reason: connect ETIMEDOUT"
- The AI generation seems to stop midway or just fails
- I'm using plain Docker, how do I check if the On-Prem Agent is running/stop it/see logs/etc?
- I'm using plain Docker, can I run commands in the container to help debug things?
- Testing Azure OpenAI with cURL
- I can access Azure OpenAI using cURL or code on my computer but can't inside a Docker Desktop container
- Using WireShark to debug network issues
- MTU issues on Docker Desktop
How do I see the logs of the extensions?
The Swimm extension logs are available in:
- VS Code – Output panel → Swimm & Swimm Server
- IntelliJ – Help → Show/Open Log
- Visual Studio – Output panel → Swimm & Swimm Server
I'm getting "TLS Error: unable to verify the first certificate" in the On-Prem Agent logs
This error most often occurrs when the On-Prem Agent is deployed to access Azure OpenAI or other services through a forward/reverse proxy or VPN that performs TLS Man-in-the-Middle (MITM).
You will need to instruct the On-Prem Agent to trust the custom certificates
using the NODE_EXTRA_CA_CERTS
environment variable. (The custom certificates
bundle should be in PEM format)
For example using plain Docker, you can add to your command:
docker run \
... \
-v $PWD/ca.crt:/etc/ca.crt:ro
-e NODE_EXTRA_CA_CERTS=/etc/ca.crt \
... \
The path on the left hand side of -v
must be absolute, we use $PWD
to make it absolute.
If you don't know what the needed CA certificate is, you might be able to grab it from your operating system, see below.
I'm getting "TLS Error: unable to verify the first certificate" in Swimm IDE Server logs in my IDE
This error occurrs when the certificate used for your TLS setup for the On-Prem Agent is not trusted by your local computer.
Swimm's extensions know to load additional certificates from your operating
certificate store and also from NODE_EXTRA_CA_CERTS
if set in the environment
of your IDE.
You can enable "Network Debug" in the Swimm extensions configuration to receive some additional output about this in the Swimm extension and IDE server logs.