Content
Local root certificates in Docker for HTTPS webhooks
Added by Bob Jones about 1 year ago
When using an Nginx HTTPS reverse proxy with self-signed root certificate chain, webhooks error with:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
Using https://webhook.site/ for testing, everything works correctly due to valid Root CA's.
Using https://github.com/webhooksite/webhook.site for local testing behind the proxy using HTTP, everything works correctly without SSL/TLS.
When testing from the web container using curl -X POST
https://webhook.example.com/abc123
, it fails due to invalid certificates, therefore added local root certificate via update-ca-certificates
and the curl command now works, webhooks still fail.
Therefore, I think that REST API is not using /etc/ssl/certs/
as the certificate store when the webhooks are sent. Is there a method for including a local root certificate into the container that Ruby will use when sending webhooks?
FYI, I've had a look around ./rest-client-2.1.0/lib/restclient/request.rb
and found # If there's no CA file, CA path, or cert store provided, use default
, but not where I can affect a change or identify the defaults.