SSL verify issue

[pigri]

Hi!

Do you have experience with Supabase and SSL verification issues?

starttls: error:0A000086:SSL routines::certificate verify failed: unable to get local issuer certificate

I think that's connecting, but I'm not sure. daurnimator/lua-http#217

SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384

[AndreMiras]

It doesn't ring the bell, but I haven't used it for a while.
To me that looks like a system level issue, like outdated system root certificates or something.
Keep me posted as you get more info.

[pigri]

It's not outdated; everything is fresh.

I created a test environment. You can quickly reproduce the issue. I want to use exceptional cases with Openresty instead of pure Lua.

https://github.com/pigri/postgrest-openresty-test

cp .env.example .env
docker compose build
docker compose up
curl localhost:8000

[pigri]

I switched from lua-http to lua-resty-http, and it is functioning correctly.

    local res, err = httpc:request_uri(http_util.encodeURI(url), {
        method = method,
        body = payload and json_implementation.encode(payload),
        headers = headers
    })

[AndreMiras]

Thanks for digging into it and thanks for creating a minimal standalone reproduction project.
I'll try to look this up when I get a chance.
I'm not too sure how a HTTP library would behave this way over the other.
Maybe we could make it possible to pass the HTTP client of our choice with some dependency injection, just like it's done for the JSON decoder

[pigri]

Yeah, that's not a bad idea. I will check it.