Where does the bug appear (feature/product)?
Cursor IDE
Describe the Bug
certificate signature failure
Steps to Reproduce
use company vpn with own certificate chain
Operating System
MacOS
Version Information
Version: 3.3.22
Commit: 38a27120cfc7419a5efa38420665eaeeed1e7b30
Date: 2026-05-07T07:47:13.552Z
Layout: editor
Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Cursor/3.3.22 Chrome/142.0.7444.265 Electron/39.8.1 Safari/537.36
Does this stop you from using Cursor
Sometimes - I can sometimes use Cursor
This is a known issue when Cursor runs behind a corporate VPN or proxy that performs SSL inspection, which replaces certificate chains with your company’s own CA.
A few things to try, in this order:
-
Enable system certificates — In Cursor, go to Settings (gear icon) and search for systemCertificates. Enable both http.systemCertificates and http.experimental.systemCertificatesV2. This tells Cursor to trust certificates from your macOS Keychain.
-
Verify your corporate CA is trusted in macOS Keychain — Open Keychain Access, make sure your company’s root CA certificate is in the System keychain and marked as “Always Trust” for SSL.
-
Switch to HTTP/1.1 — On the same Network settings page where you ran diagnostics, change the HTTP Compatibility Mode dropdown to HTTP/1.1. HTTP/2 can be stricter with certificate validation through proxies.
-
Optional extension — The mac-ca-vscode extension injects macOS system certificates into Cursor’s Node.js layer, which has helped other users in similar corporate setups.
If none of these help, check with your IT team whether Cursor’s domains (*.cursor.sh, *.cursor-cdn.com, *.cursorapi.com) can be added to the VPN’s bypass list so traffic to Cursor doesn’t go through SSL inspection.
Related thread with more context: Cursor Tab not working: certificate signature failure
