I have got Jenkins server setup in Azure VM with self-signed certificate, when I tried to setup a webhook from GitHub server I getting error "We couldn’t deliver this payload: certificate signed by unknown authority".
Do we have any way to import my CA file into GitHub trusted entry? I have tried searching in different forums but could see any response.
Thanks,
If you have admin access to the server you can install into it's cert store.
Most likely will never work for github.com, only for github enterprise.
https://docs.github.com/en/enterprise-server#3.4/admin/configuration/configuring-your-enterprise/troubleshooting-ssl-errors#installing-self-signed-or-untrusted-certificate-authority-ca-root-certificates
Related
On openshift cluster i deployed gitea v1.9.0 and i added a webhook for triggering the pipeline, now i'm getting the following error:
Delivery: Post
https://ip#:8443/apis/build.openshift.io/v1/namespaces/jenkins/buildconfigs/pipeline6/webhooks/somesecret/generic:
x509: certificate signed by unknown authority
How can i disable ssl verification in Gitea ? And is there another way to trigger the build in openshift's pipeline ?
No, there is no possibility to disable the ssl verification in Gitea AFAIK.
I had the same error by the integration with Jenkins. The problem was that Gitea does not support the "certificate discovery" feature (as for example a browser like Firefox does, see here) and Jenkins was misconfigured and was sending only the end entity certificate.
After making Jenkins to send the entire certificate chain, the problem disappeared.
I have a kubernetes cluster setup where I am trying to publish a message to google cloud pub/sub from my pod. When the POST call (created by the API behind the scenes) is being made by the pod, it fails citing the issue below:
2016/07/21 10:31:24 Publish failed, Post https://pubsub.googleapis.com/v1/projects/<project-name>/topics/MyTopic:publish?alt=json: x509: certificate signed by unknown authority
I have already put a self signed certificate in the /etc/ssl/certs of my docker Debian image. Do I need to purchase a SSL certificate signed by some certified authority or will a self signed one do the job and I am missing something out here.
Self-signed certificates will not work. The certificate needs to be signed by a certificate authority.
I've successfully created a Bot and run an integration test for an iOS application hosted on a remote SVN server over HTTP. When trying to run the same test over HTTPS the test fails and I receive the error: Integration failed. Unexpected internal server error. See the integration's logs for more details. The certificate used for the SVN server is self signed and I ensured I am able to still update/commit to the server over HTTPS. After looking through the logs I can't seem to find out what the error is or how to fix it. (I would post the logs but it's like 100 pages to read through...)
Steps taken so far:
Deleted the bot and project, checked out the project over HTTPS, re-made the bot.
Ensure the correct HTTPS repository is listed both in OS X Server --> Xcode --> Repositories, and in Xcode's repository preferences. (Deleted the old repository as well)
Place the self signed certificate into the keychain's System Store and ensure it is set to Trust All.
Modified the Xcode config file xcsbuildd.plist and changed TrustSelfSignedSSLCertificates to true.
Nothing has seemed to fix it so far. If anyone can think of a fix for this issue please let me know.
I finally was able to fix this by adding to the System keychain our company's Root certificate authority and Intermediate certificate authority certs.
I used Charles (web debugging proxy) to intercept requests and responses and see what was wrong. It gave me a clue that OS X Server was struggling with certs.
I'm trying to setup our APNS server. I was looking at the instructions on this page:
http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12
I'm understanding everything. Problem is that I have a website already SSL enables (SSL terminates at the load balancer) on AWS, following these instructions a while back:
"Public key certificate and private key doesn't match" when using Godaddy issued certificate
The website for APNS is telling me to get a CSR file, etc. But if I already have this SSL certification done, does it mean I have to start from scratch and re-key my key? :( I wasn't able to find information regarding this...
The APNS CSR has nothing to do with any certificates you already have.
You have to create certificates in the developer area of apples websites. You don't install those certificates to the web server... they are only used from the php script on your server to connect to the apple server as a client. Your script has to load them while they run.. but they are not installed in the web server or load balancer.
I'm using the acegi security plugin and I run the app -https. The cert is generated but I get a certificate warning when i visit the web page. I have then download the weak ssl plugin and added weakssl.trustAll =true to Config.groovy. But still getting the same warning. Have I left out anything?
The warning is normal. You can just accept the self-signed certificate. The weakssl module allows the Grails server to trust itself even if it provides a self-signed certificate. It has no effect whatsoever on the client. (Think what a horrible security hole it would be if you could just install some code on the server and get a client to accept a self-signed certificate without a warning!)
To solve your problem you need to either
manually tell your browser the certificate is OK by adding the certificate to your truststore
or
get a certificate from a trusted CA (Certificate Authority) a list of trusted CAs is stored in your browser. To get a certififate from a CA you need to proof your identity and pay (a lot) some money.
so I recommend you just accept the untrusted certifcate unless you want to buy a CA certificate.
The config you changed tells only the server to accept all certificates. i.e. if your server is connecting to another server