[BUG] Local MCP server will not trust self-signed certs
Environment
- Platform (select one):
- [x] Anthropic API
- [ ] AWS Bedrock
- [ ] Google Vertex AI
- [ ] Other: <!-- specify -->
- Claude CLI version: 1.0.41
- Operating System: Windows 11 (WSL 2)
- Terminal: Windows Terminal
Bug Description
As Claude itself uncovered, Claude Code does not have a built-in option to ignore SSL certificate validation for self-signed certificates. Also, in my case these are Lando generate certs, that are generated by the Lando CA which is added to both my WSL instance and to Windows as a trusted CA -- so I'm not sure why Claude Code doesn't accept it. Also, the same local MCP server setup in VS Code works, so it feels like it should work out of the box.
Steps to Reproduce
- Create a local self-signed cert (signed by a trusted local CA)
- Add MCP server that uses this local certs, i.e.
https://mysite.lndo.site
Expected Behavior
Claude Code should just trust the local self-signed cert and work as normal
Actual Behavior
You end up with a fetch failed error. Full debug info reveals:
MCP server "wordpress-mcp": HTTP Connection error: {"url":"https://mysite.lndo.site/wp-json/wp/v2/wpmcp/streamable","error":"fetch failed","stack":"TypeError: fetch failed at node:internal/deps/undici/undici:13510:13\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\n at async on1.send (file:///home/my-user/.nvm/versions/node/v22.16.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:1342:24681)"}
Additional Context
You can get around this by using, (NODE_TLS_REJECT_UNAUTHORIZED=0 claude) to load Claude Code but that is obviously not desirable for various reasons, particularly security.
This issue has 8 comments on GitHub. Read the full discussion on GitHub ↗