NuGet Warning NU1803


You are running the 'restore' operation with an 'HTTP' source, 'http://api.source/index.json'. Non-HTTPS access will be removed in a future version. Consider migrating to an 'HTTPS' source.


You may need to do one of the following:

  • Correct the specified url. You may have mistyped the source url. Change the url to explicitly request the HTTPS version of the source.
  • Work with the owner of the source and ask them to migrate to HTTPS.
  • If you are absolutely certain the 'HTTP' server you are connecting to is trustworthy, you may opt out of this warning by setting allowInsecureConnections to true for this package source, in Package source sections of your NuGet.Config file. (Supported in NuGet 6.8+)


    <clear />    
    <add key="http-source1" value="http://httpsource1trusted/" allowInsecureConnections="true">
    <add key="http-source2" value="http://httpsource2trusted/" protocolVersion="3" allowInsecureConnections="true">

To learn more, refer to the HTTPS everywhere blog.