On openshift cluster i deployed gitea v1.9.0 and i added a webhook for triggering the pipeline, now i'm getting the following error:
Delivery: Post
https://ip#:8443/apis/build.openshift.io/v1/namespaces/jenkins/buildconfigs/pipeline6/webhooks/somesecret/generic:
x509: certificate signed by unknown authority
How can i disable ssl verification in Gitea ? And is there another way to trigger the build in openshift's pipeline ?
No, there is no possibility to disable the ssl verification in Gitea AFAIK.
I had the same error by the integration with Jenkins. The problem was that Gitea does not support the "certificate discovery" feature (as for example a browser like Firefox does, see here) and Jenkins was misconfigured and was sending only the end entity certificate.
After making Jenkins to send the entire certificate chain, the problem disappeared.
Related
I am trying to scan a docker image using "jf docker scan DOCKER_IMAGE:TAG --insecure-tls=true" but an error "x509: certificate signed by unknown authority" is showing up,
Here is the log :
[Warn] (Attempt 1) - Failure occurred while sending GET request to https://THE_URL/api/system/version: Get "https:///api/system/version": x509: certificate signed by unknown authority
[Info] executor timeout after 3 attempts with 0 milliseconds wait intervals
INFORMATION: When I try to send a Curl request from the terminal to the URL it works.
The issue here is that JFrog CLI cannot get the certs to trust the connection and fails. I would suggest referring to this wiki first to understand the JFrog CLI's cert validation. Overall, you should simply add the pem file of the cert to the JFROG_CLI_HOME/security/certs directory.
After creating a private docker registry on one of my machines, I try to push an image to it but it throws the error: Get "https://host.domain/v2/": x509: certificate signed by unknown authority
The registry was created according to the official docker documentation. If I request the same url within safari or chrome, the request gets resolved successfully, showing that the certificate is valid.
So I'm wondering: what does docker do differently that it can't validate my certificate?
Many thanks in advice!
Solved the issue: it seems that if your certificate issuer provides an intermediate certificate EXPLICITLY, it's required to chain the domain.crt and intermediate.crt by running cat domain.cry intermediate.crt > concat-domain.crt (for example).
Instruction coming from official docker documentation.
I install the Gitea plugin for Jenkins and try to add Gitea server in Configuration
My Gitea URL:
But I get HTTP 403/Forbidden warning.
I find a similar question: How to connect Jenkins and Gieta
And I don't know clearly how to "make Jenkins to send the entire certificate chain" at the end of that answer, if this way works.
It should be fine as official documentation says-
Hint: you can ignore a "HTTP 403/Forbidden" error here in case your gitea instance is private.
https://plugins.jenkins.io/gitea/
I have got Jenkins server setup in Azure VM with self-signed certificate, when I tried to setup a webhook from GitHub server I getting error "We couldn’t deliver this payload: certificate signed by unknown authority".
Do we have any way to import my CA file into GitHub trusted entry? I have tried searching in different forums but could see any response.
Thanks,
If you have admin access to the server you can install into it's cert store.
Most likely will never work for github.com, only for github enterprise.
https://docs.github.com/en/enterprise-server#3.4/admin/configuration/configuring-your-enterprise/troubleshooting-ssl-errors#installing-self-signed-or-untrusted-certificate-authority-ca-root-certificates
I have a kubernetes cluster setup where I am trying to publish a message to google cloud pub/sub from my pod. When the POST call (created by the API behind the scenes) is being made by the pod, it fails citing the issue below:
2016/07/21 10:31:24 Publish failed, Post https://pubsub.googleapis.com/v1/projects/<project-name>/topics/MyTopic:publish?alt=json: x509: certificate signed by unknown authority
I have already put a self signed certificate in the /etc/ssl/certs of my docker Debian image. Do I need to purchase a SSL certificate signed by some certified authority or will a self signed one do the job and I am missing something out here.
Self-signed certificates will not work. The certificate needs to be signed by a certificate authority.