Closed mohzagh closed 1 year ago
I could not get the SSL settings to work either. I used Caddy as a reverse proxy as detailed in the OpenCTI documentation here
You need to create an attachable network for the OpenCTI platform before you enable caddy otherwise you can't attach caddy to it. that loos like this in your docker compose:
version: '3.7'
networks:
default:
external: true
name: open-cti_attachable
take note of the docker compose version
Issue resolved after removing the parameter 'APP__HTTPS_CERT__CA' from the compose file. Actually the used certificate is not self-signed so according to the official documentation there's no need to specify that parameter.
Prerequisites
Description
The OpenCTI platform was running without any problem using HTTP, but when trying to configure SSL parameters for opencti service, the corresponding container always restarts and shows this log:
TypeError: nlo.map is not a function at createHttpServer (/opt/opencti/build/src/http/httpServer.js:37:25) at /opt/opencti/build/src/http/httpServer.js:103:29 at new Promise ()
at listenServer (/opt/opencti/build/src/http/httpServer.js:101:10)
at Object.start (/opt/opencti/build/src/http/httpServer.js:131:22)
at startModules (/opt/opencti/build/src/modules.js:31:22)
at boot (/opt/opencti/build/src/boot.js:16:11)
at processTicksAndRejections (node:internal/process/task_queues:95:5)
Environment
Reproducible Steps
Steps to create the smallest reproducible scenario:
Additional information
.env_https:
... OPENCTI_HTTPS_CERT_CA='["/etc/ssl/certs/carootgss.pem"]' OPENCTI_HTTPS_CERT_KEY=/etc/ssl/certs/opencti.pem OPENCTI_HTTPS_CERT_CRT=/etc/ssl/certs/opencti.crt ...
docker-compose-https.yml:
... opencti: image: opencti/platform:5.5.0 environment:
The platform runs successfully with the same SSL parameters in centos 8 environment using podman-compose.
Is there any issue with this configuration?