This is a terrible answer (not very secure), but appears to be the current Microsoft official answer. Use "http.proxyStrictSSL": false
in your settings.json file.
This should work to get around the issue of installing extensions inside a corporate network, but I’d recommend disabling the setting if you are going to be working from home/coffee shop and not connected to the corporate VPN.