Using Aspire MCP server with VS Code #12066
Description
Aspire MCP server uses streamable HTTP, runs on localhost and is secured with a self signed certificate.
The problem is that VS Code refuses to connect to the Aspire MCP server because of the self-signed certificate. Even though the user has trusted the certificate and can browse to Aspire in their browser without any issues, VS Code still rejects the MCP server connection. There's a GitHub issue describing this problem here: Cannot connect to MCP server via SSE using trusted developer certificate · Issue #248170.
The options to get Aspire MCP and VS Code working together - without changes to VS Code - are:
- Use HTTP instead of HTTPS to talk to MCP server
- Globally disable HTTPS errors in NodeJS apps with an env var (
NODE_TLS_REJECT_UNAUTHORIZED=0).
All options have negative security implications. I think a product improvement needs to be made to VS Code to allow it to use Aspire MCP.
VS Code has this problem because it uses the NodeJS HTTP client to call MCP servers. NodeJS doesn't use the local system cert authority so it doesn't know the self-signed cert has been trusted. Newer versions of NodeJS have an option to use the system CA but VS Code (and underlying Electron) use NodeJS 22, not NodeJS 23.
Another option could be for VS Code to have configuration in JSON to ignore TLS errors when talking to a specific HTTP MCP server.
const agent = new https.Agent({
rejectUnauthorized: config["suppress_tls_error"], // read from MCP configuration
});