Error message shown once the authentication happened on the OAuth provider:
level=error msg="parsing extra id_token failed:failed to fetch \"https://192.168.56.1/oauth/v2/keys\": Get \"https://192.168.56.1/oauth/v2/keys\": x509: certificate signed by unknown authority" component=auth method=GET remote_addr="172.21.0.4:45840" url="/oauth/generic/callback?code=...
The same happens when using the CLI option --generic-insecure in the command section of the docker-compose
bossm8 changed the title from "OAuth with id_token and self signed certificate not working" to "OAuth with self signed certificate not working" on Jan 11, 2023
FYI: the only way to get it working for me was to inject the certificate in a "non regular" way within the system trusted store at container startup, like below:
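# for unknown reason, update-ca-certificates standard way doesn’t work as expected
# append the CA certificate to the system bundle directly
cat "/usr/share/ca-certificates/my-ca.crt" >> /etc/ssl/certs/ca-certificates.crt
# starting chronograf (arguments quoted so they are passed through unchanged)
chronograf "$@"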
testing using image digest: sha256:388abdaf401707b186f9d5702858f4677eb03fd673f5a399101f12a1adc1eb18
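The workaround above makes the provider's CA part of the trust store instead of switching verification off. The same distinction in Go's TLS client, as an added example that is not Chronograf's code: `fetchKeys` and `demo` are hypothetical names, and a constructed local test server stands in for the provider's key endpoint.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// fetchKeys GETs url, trusting the system roots plus an optional PEM-encoded
// private CA. unknownCA reports a chain that ended in no trusted root.
func fetchKeys(url string, extraCAPEM []byte) (status int, unknownCA bool, err error) {
	pool, err := x509.SystemCertPool()
	if err != nil || pool == nil {
		pool = x509.NewCertPool() // no system bundle available
	}
	if extraCAPEM != nil && !pool.AppendCertsFromPEM(extraCAPEM) {
		return 0, false, errors.New("no certificate found in extra CA PEM")
	}
	c := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{RootCAs: pool}}}
	resp, err := c.Get(url)
	if err != nil {
		var ua x509.UnknownAuthorityError
		return 0, errors.As(err, &ua), err
	}
	defer resp.Body.Close()
	return resp.StatusCode, false, nil
}

// demo fetches from a constructed local TLS server (its certificate is in no
// system store): first with system roots only, then with its CA added.
func demo() (rejected bool, status int, err error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprint(w, `{"keys":[]}`) // constructed response body
	}))
	defer srv.Close()
	url := srv.URL + "/oauth/v2/keys"
	_, rejected, _ = fetchKeys(url, nil)
	caPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: srv.Certificate().Raw})
	status, _, err = fetchKeys(url, caPEM)
	return rejected, status, err
}

func main() { fmt.Println(demo()) }
```

The first fetch fails with the same "certificate signed by unknown authority" error as in the log line; the second succeeds with hostname and chain verification still enforced.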
Using the docker container chronograf:1.10
Chronograf fails when using an OAuth provider which has a self signed certificate, even when the environment GENERIC_INSECURE is set to true (#5491).
docker-compose snippet containing the environment settings