> For the complete documentation index, see [llms.txt](https://help.aikido.dev/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.aikido.dev/code-scanning/local-code-scanning/troubleshooting-local-scanner-connectivity-issues.md). # Troubleshooting Local Scanner connectivity issues This guide helps customers run the Aikido Local Scanner behind corporate proxies, custom SSL inspection, or locked-down networks. It covers when and how to use `--enable-proxy` and `--ca-bundle`, which domains to whitelist, and how to fix common certificate errors. To function correctly, the Local Scanner must be able to access the following domains over HTTPS (port 443): `*.aikido.dev` #### Using `--enable-proxy` The scanner does **not** use the system proxy by default. To send all HTTPS traffic through your corporate proxy, you must: 1. **Enable proxy support** with the `--enable-proxy` flag. 2. **Set the proxy URL** via the `HTTPS_PROXY` (or `https_proxy`) environment variable. #### Using `--ca-bundle` (custom root CAs) When your proxy or firewall performs **SSL inspection**, it typically replaces the server’s certificate with one signed by an **internal/corporate CA**. Use **`--ca-bundle`** to point the scanner at a **PEM file** that contains your corporate root CA certificate(s) (and optionally intermediate CAs). The scanner will then trust those CAs when connecting through the proxy. 1. **Get your corporate CA certificate** (e.g. from your IT team or export from the machine’s trust store). It must be in **PEM** format. 2. **Pass it to the scanner** via `--ca-bundle` or the `AIKIDO_CA_BUNDLE` environment variable. Additionally it might be required to pass this value as `SSL_CERT_FILE` and `NODE_EXTRA_CA_CERTS` environment variables. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.aikido.dev/code-scanning/local-code-scanning/troubleshooting-local-scanner-connectivity-issues.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.