# Resolving Certificate Issues for Installing the AMESA SDK on WSL If you use Windows Subsystem for Linux (WSL) on a corporate machine with internal security tools, such as Zscaler, you may encounter issues installing the SDK due to certificate replacement during HTTPS traffic inspection. Below is a method to resolve this issue by importing the appropriate certificates into WSL. ## Step-by-Step Guide to Import Certificates into WSL 1. **Identify the Certificates** * Open in your browser. * Click on the padlock symbol next to the URL to view the site certificates. This method may vary slightly depending on your browser. * Export the certificates in the chain needed to trust the "app.composabl.com" certificate, which may be replaced by Zscaler or similar security tools. The intermediate and root certificates are often issued by your organization's IT department. ![](/files/ST3OqqiRIydBmcAWadwN) 2. **Export the Certificates** * Export the certificates in **Base 64 encoded X.509 (PEM)** format. * Make sure the exported certificate files have a `.crt` extension. 3. **Copy Certificates to WSL** * Copy the exported certificates to `/usr/local/share/ca-certificates` in WSL. You can use any file transfer method between Windows and WSL. 4. **Update the Certificate Store** * Run the following command to update the certificate store in WSL: `sudo update-ca-certificates\` 5. **Verify the Certificate** * You can verify if the certificates are correctly recognized by running: `openssl s_client -connect api.composabl.com:443 -prexit` > This command should connect and print the certificate chain and other relevant information. 6. **Removing Certificates** * If you need to remove the certificates, delete them from `/usr/local/share/ca-certificates` and then run: \`sudo update-ca-certificates --fresh\` > This command will rebuild the certificate bundle from the remaining individual certificates. 7. **Alternative Method: Export from Windows Certificate Store** The intermediate/root certificates may already be available in the Windows certificate store. You can identify and export the required certificates from there if needed. By following these steps, you should be able to configure your WSL environment to trust certificates replaced by corporate security tools, enabling the installation of the SDK without issues. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.amesa.com/troubleshooting/resolving-certificate-issues-for-installing-the-amesa-sdk-on-wsl.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.