Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
The SSL connection could not be established, see inner exception.
-
I have deployed ProGet on my OpenShift cluster and set up my feeds. It seems pypi works very well, but when I try to search maven and NuGet for packages, I get "The SSL connection could not be established, see inner exception.". When I try to curl the repo url's from my container, I get varied results, but mostly I am seeing things like this:
"* TLSv1.3 (OUT), TLS alert, unknown CA (560):
- SSL certificate problem: self-signed certificate in certificate chain
- Closing connection 0
curl: (60) SSL certificate problem: self-signed certificate in certificate chain
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above."I have created a configMap of my trusted ca bundle and mounted to /etc/pki/ca-trust/extracted/pem on the pod via a volumeMount.
Is there a specific way to tell my pod to use the trusted ca bundle I have mounted to the pod as a volume?
-
Hi @jeff-williams_1864 ,
I'm not quite sure why nuget.org would report using a self-singed certificate? That seems off, but it sounds like you're doing "something" with regards to certificates that I don't quite understand :)
On that note, the
/usr/local/share/ca-certificatesvolume store the certificates to be included in the container's certificate authority, which is used when connecting to a server with self-signed certificates: https://docs.inedo.com/docs/installation/linux/docker-guide#supported-volumesHope that helps,
Alana
