Closed vkbandi closed 1 year ago
Hi @vkbandi - Thanks for opening this issue! I'll reach out to the rest of the team and we'll get back to you 👍
Hi, I all node.js applications you can allow any self-signed certificates by setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED=0
(see official node.js docs).
How you would do this with docker then would be:
docker run \
-e NODE_TLS_REJECT_UNAUTHORIZED=0 \
-e UNLEASH_PROXY_CLIENT_KEYS=some-secret \
-e UNLEASH_URL=https://app.unleash-hosted.com/demo/api/ \
-e UNLEASH_API_TOKEN=56907a2fa53c1d16101d509a10b78e36190b0f918d9f122d \
-p 3000:3000 \
unleashorg/unleash-proxy
Hi @ivarconr Thanks for replying, I tried with setting NODE_TLS_REJECT_UNAUTHORIZED=0 in docker environment variables and also by creating a node js application to act as unleash proxy, but it never worked. Maybe Im missing something her.
But the only config that worked is setting the httpOptions: { rejectUnauthorized: false } in the node js application.
I see. Maybe we need to support that as a configurable option then. Do you mind looking in to a PR?
Sorry for the late reply, let me try to create a PR, it will take some time though
Sorry for the delay, need few more days to work on this
When using unleash proxy docker image, it is not possible to configure it to allow self signed certificates, I have tried using the environment variables
NODE_EXTRA_CA_CERTS
andNODE_TLS_REJECT_UNAUTHORIZED
, both doesn't appear to stop the "request to https://gitlab.example.com/api/v4/feature_flags/unleash/000000/client/register failed, reason: self signed certificate in certificate chain" error.The only workaround is to run the unleash proxy as a node js application and adding
httpOptions: { rejectUnauthorized: false }
in the createApp configurationExample
If the value for httpOptions.rejectUnauthorized can be read from the Environment variables, then we can use the unleash proxy with the provided docker image