Closed zirus001 closed 1 week ago
Hi @zirus001 Your issue sounds very similar to this discussion in our forums, and may have the same solution: https://github.com/NUWCDIVNPT/stig-manager/discussions/1046#discussioncomment-6641894
To my knowledge, there is no native way to pull a container with the SIPR DoD certs. You will need to make the CA for the Keycloak certificate available to STIGMan using the NODE_EXTRA_CA_CERTS environment variable (and provide that CA in a volume to the container, mapped to the location specified in the envvar).
The above solution would apply if you are using an HTTPS URL for the value specified by STIGMAN_OIDC_PROVIDER to tell STIGMan how to find Keycloak. If Keycloak and STIGMan are running behind the same proxy handling https for you, you may be able to talk directly to keycloak with HTTP. Check the discussion for more details there.
Since this is most likely an issue with the deployment rather than the app, I'll close the issue for now. Check out that discussion and see if anything there helps, and perhaps open a discussion in our forums if you need to. If you still have issues, providing your docker-compose file (if using one) may be helpful as well.
Is there an existing issue for this?
Are you using the latest version of STIG Manager?
Where are you experiencing the issue?
Current Behavior
We have a fully operational STIG Manager on our unclassified system. However, we are having issues with building one on our classified network. We have replaced everything we can think of but when we start the STIG Manager api via docker we get the error "Unable to verify first certificate".
We suspect that the image we used on the unclass side "nuwcdivnpt/stig-manager:latest-ironbank" is using the unclass DOD certificates. Is there a native way to pull the docker image on SIPR? if not what would be the steps to get the SIPR DoD certificates on the image?
Expected Behavior
No response
Steps To Reproduce
No response
Can you provide screenshots, logs, or other useful artifacts?
No response
Describe your Environment