You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to get Kinto to run in a development setup with docker, OpenID (Authentik for now) and behind SSL. However, that requires the kinto application running in the container to trust the ssl certificate of the OpenID provider, which is self-signed.
I made a custom kinto image and added the root certificate to the usual trust store. I can run wget and curl from that image no problem, but kinto and urllib3 don't want to have anything to do with it.
As far as I have come so far, urllib3 uses pyOpenSSL so it should use that truststore. Also the certificate file seems correctly installed as a pem file. There are instructions in the urllib3 documentation how to change the code to use a custom bundle, but that would mean to change kinto and pyramid...
Is there an obvious thing I'm missing?
The text was updated successfully, but these errors were encountered:
I found out the problem. Urllib3 seems to usually use the "certifi" package. And one way to add a certificate to that in a docker file is to append it to the certifi bundle:
ADD dev-ca.crt .
RUN cat dev-ca.rt >> `python -m certifi`
alexcottner
added
the
stale
For marking issues as stale. Labeled issues will be closed soon if label is not removed.
label
Jul 23, 2024
I'm trying to get Kinto to run in a development setup with docker, OpenID (Authentik for now) and behind SSL. However, that requires the kinto application running in the container to trust the ssl certificate of the OpenID provider, which is self-signed.
I made a custom kinto image and added the root certificate to the usual trust store. I can run wget and curl from that image no problem, but kinto and urllib3 don't want to have anything to do with it.
As far as I have come so far, urllib3 uses pyOpenSSL so it should use that truststore. Also the certificate file seems correctly installed as a pem file. There are instructions in the urllib3 documentation how to change the code to use a custom bundle, but that would mean to change kinto and pyramid...
Is there an obvious thing I'm missing?
The text was updated successfully, but these errors were encountered: