When using a custom CA, the connection with minio is not working, with the following error:
unable to verify the first certificate
I tried settings the location of the certificate using the following environment variables: MINIO__CA, NODE_EXTRA_CA_CERTS, and by specifying NODE_OPTIONS=--use-openssl-ca, but none of them are taken into account.
@SamuelHassine This is becoming a more important one with the volume of data that may be stored here IMO, also seems like a simple fix, any chance we can bump this up?
Description
When using a custom CA, the connection with minio is not working, with the following error:
I tried settings the location of the certificate using the following environment variables:
MINIO__CA
,NODE_EXTRA_CA_CERTS
, and by specifyingNODE_OPTIONS=--use-openssl-ca
, but none of them are taken into account.Looking at the code for the minio client (https://github.com/OpenCTI-Platform/opencti/blob/master/opencti-platform/opencti-graphql/src/database/minio.js), I don't think the option for the CA is taken into account:
In the constructor of the minio-js client, we have
this.reqOptions = {}
(https://github.com/minio/minio-js/blob/69a3234e06ba5ede3d79927e32f3d1941dec40f6/src/main/minio.js#L177), this is why I don't think the options are supposed to be passed directly to the constructor, but set afterwards usingsetRequestOptions
(https://github.com/minio/minio-js/blob/69a3234e06ba5ede3d79927e32f3d1941dec40f6/src/main/minio.js#L204)Maybe there is another issue preventing nodejs or minio to access the certificate, but I don't see it.
Environment
Reproducible Steps
Steps to create the smallest reproducible scenario:
Expected Output
OpenCTI works as expected, using the provided certificate.
Actual Output
OpenCTI is not able to verify the certificate.
Additional information
Screenshots (optional)