Comments (8)
mefellows
commented on August 18, 2024
In the first scenario (verification disabled), an HTTP 400 is unrelated to certificates, are you sure it's not another issue? What does the response contain?
Also see the section in https://github.com/pact-foundation/pact_broker/wiki/Configuration#webhook-whitelists for how to add custom certs to the system.
from pact_broker-docker.
bethesque
commented on August 18, 2024
Closing due to lack of response - please feel free to reopen with more information if you are still facing this issue @davidkgp
from pact_broker-docker.
davidkgp
commented on August 18, 2024
@bethesque the issue is solved.The script was not working for me,but would work for a lot of people as I was lacking in few dependencies for the script.But I would like to point out for few users who may have faced a similar issue,the certificate chain(PEM format) for the webhook(in case using a corporate CI) have to be put into the content column of the certificates table in the pact broker database. Before execution of the webhook these certificates are loaded into the trust store by the broker and the webhook executed.It would be really nice if this can be part of the documentation because most people will be working in a corporate SSL env.
from pact_broker-docker.
bethesque
commented on August 18, 2024
Thanks @davidkgp. I assume the script did not work for you because you ran it on an environment that did not have ruby or mysql?
I will update the docs to make this clearer, and explain how to add it without the script.
I really need to create an endpoint for adding the certificates - it just hasn't gotten to the top of the priority list yet.
from pact_broker-docker.
bethesque
commented on August 18, 2024
I've just added a brief section here @davidkgp https://github.com/pact-foundation/pact_broker/wiki/Configuration#webhook-ssl-certificates
from pact_broker-docker.
davidkgp
commented on August 18, 2024
Two points I like to be highlighted in the documentation if possible
- Please do not use 'self signed certificate' term as it sometimes misleads,Normally if you are working in a corporate environment,your CI's or gitlabs will have certificates provided by corporate pki.
- At the very core of this approach is that the certificate content has to be in the certificates table,some people may use the script(mostly it will work) or others may go to the data base and do it old school way.Because I was stuck in this for few weeks and don't want others to have the same pain
from pact_broker-docker.
bethesque
commented on August 18, 2024
What is a better term for the type of certificate @davidkgp? I will add the info about the table.
from pact_broker-docker.
mefellows
commented on August 18, 2024
That's the very definition of a self-signed certificate. You have your own CA, which you use to sign and then issue your own certificates.
from pact_broker-docker.
Related Issues (20)
- Pact Broker fails to connect to Aurora PostgreSQL database HOT 5
- docker image does not create/seed sqlite database out of the box HOT 3
- Chore: migrate away from TravisCI
- Multiple vulnerabilities present in dius/pact-broker image v2.68.1.0 HOT 7
- version 2.88.0.0 doesn't use value of PACT_BROKER_DATABASE_PORT HOT 4
- What volumes should I mount on my docker-compose to persist data HOT 12
- Document how to configure the pact broker HOT 3
- schema migration table missing in pact-broker:2.23.0-1 HOT 4
- Webhook Execution Status not visible HOT 1
- ERROR: for pact_broker_app_1 Cannot start service broker_app: driver failed programming external connectivity on endpoint pact_broker_app_1 HOT 2
- Example `docker-compose up` does not start successfully due to passenger/RVM. HOT 3
- Run application as app user instead of root user? HOT 13
- runit daemon is shut down after passenger starts & connects to db HOT 1
- [question] How to define PostgreSQL slave / failover? HOT 2
- Webhook not triggered with multiple providers after deleting one webhook HOT 2
- Large pacts over 1mb are rejected by nginx config HOT 6
- Cloud Foundry Push dockerized image HOT 4
- Expose postgres sslmode via environment variable
- Upgrade to latest version of Ruby Passenger docker image
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pact_broker-docker.