Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
You are running the 'restore' operation with an 'HTTP' source: myHttpSource. NuGet requires HTTPS sources. To use an HTTP source, you must explicitly set 'allowInsecureConnections' to true in your NuGet.Config file. Please refer to https://aka.ms/nuget-https-everywhere for more information.
Issue
myHttpSource is an insecure HTTP source. We recommend using an HTTPS source instead.
Solution
Option 1: Update the Source to Use HTTPS
If possible, update the package source to use https:// instead of http://:
<configuration>
<packageSources>
<add key="SecureSource" value="https://example.com/nuget/" />
</packageSources>
</configuration>
Option 2: Allow Insecure Connections (If Necessary)
If the source must remain HTTP, explicitly allow insecure connections by adding the AllowInsecureConnections flag in the NuGet.Config:
<configuration>
<packageSources>
<add key="InsecureSource" value="http://example.com/nuget/" allowInsecureConnections="true" />
</packageSources>
</configuration>
Option 3: Consult SDK Analysis Level
The SdkAnalysisLevel property in your project can serve as a temporary workaround for managing HTTP sources.
If additional time is needed to resolve the HTTP error, you can lower the SdkAnalysisLevel to suppress errors temporarily.
Here's how it functions:
- For SDK Analysis Level value below 9.0.100, using HTTP sources triggers a warning (NU1803).
- Starting with SDK Analysis Level 9.0.100 or higher, HTTP sources result in an error (NU1302) unless
AllowInsecureConnectionsis explicitly enabled.
Warning
Changing SdkAnalysisLevel has other side-effects. Refer to the SdkAnalysisLevel for a summary of the full scope of .NET SDK features affected.