Closed latchkostov closed 7 years ago
Closed. I realized I needed to import CA chain certs into my container.
I ended up adding the following lines to my Dockerfile:
RUN curl -o /usr/share/ca-certificates/my_ca_chain.crt https://somelocation/my_ca_chain.crt
RUN echo "my_ca_chain.crt" >> /etc/ca-certificates.conf && update-ca-certificates
I am using the following Dockerfile to create a container:
It seems that if my container has to make any outbound calls via HTTPS, an exception is thrown, referencing curl:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.CurlException: SSL connect error
This seems to happen even when the remote side has a valid certificate. I have been able to bypass this by attaching the following
HttpHandler
to anHttpClient
, which seems to bypass the issues:What am I missing here, and why am I having to do this as a workaround?
Upon trying to research this, I came across some discussions that a "client certificate" is needed to establish this connection, with no concrete examples.
Also, I am technically using Rancher for our Docker management system, which has a set of infrastructure that these containers run on. Not sure if that makes a difference at all, but figured I would mention it.