Our corporate firewall/proxy is keeping VS Code from being able to install extensions because Code doesn't trust something in the chain. It doesn't reliably give an error, but when it does, it's this: "self signed certificate in certificate chain".
This seems like it's an OpenSSL error, but I don't have enough familiarity with OpenSSL to know how to trust the certificate?
This is a terrible answer (not very secure), but appears to be the current Microsoft official answer. Use "http.proxyStrictSSL": false in your settings.json file.
This should work to get around the issue of installing extensions inside a corporate network, but I'd recommend disabling the setting if you are going to be working from home/coffee shop and not connected to the corporate VPN.