search

docksal / addons

Community driven, submit your addon! Docksal addons that can be installed via `fin addon install` command.
MIT License
16 stars 34 forks source link

ERROR: no Firefox and/or Chrome/Chromium security databases found #74

Closed Mykola-Veryha closed 3 years ago

Mykola-Veryha commented 3 years ago 
  $ fin addon install mkcert -g
  Downloading addon hook files...
    mkcert.pre-install
  Running pre-install hook...
  [PRE-INSTALL] INFO: Installing mkcert...
  ################ 100,0%
  ################ 100,0%
  [PRE-INSTALL] INFO: mkcert version v1.4.1 installed
  [PRE-INSTALL] INFO: Initializing mkcert
  Created a new local CA at "/root/.local/share/mkcert" 💥
  The local CA is now installed in the system trust store! ⚡️
  ERROR: no Firefox and/or Chrome/Chromium security databases found
  $ fin mkcert create
  Using the local CA at "/home/veryha/.local/share/mkcert" ✨
  Warning: the local CA is not installed in the system trust store! ⚠️
  Warning: the local CA is not installed in the Firefox and/or Chrome/Chromium trust store! ⚠️
  Run "mkcert -install" to avoid verification errors ‼️

  Created a new certificate valid for the following names 📜
   - "*.ssfh.docksal"
   - "ssfh.docksal"

  Reminder: X.509 wildcards only go one level deep, so this won't match a.b.ssfh.docksal ℹ️

  The certificate is at "/home/veryha/.docksal/certs/ssfh.docksal.crt" and the key at "/home/veryha/.docksal/certs/ssfh.docksal.key" ✅

  Run fin project restart to load the new cert.

As I can see on the first step mkcert uses "/root/.local/share/mkcert". 

  Created a new local CA at "/root/.local/share/mkcert"

But on the next step "/home/veryha/.local/share/mkcert" 

  Using the local CA at "/home/veryha/.local/share/mkcert"

The reason is here https://github.com/docksal/addons/blob/master/mkcert/mkcert.pre-install

We have the next code:

    echo-green "[PRE-INSTALL] INFO: Initializing mkcert"
    sudo mkcert -install

The install command executed with sudo. But on the other side, we can see that creating a certificate executed without sudo. https://github.com/docksal/addons/blob/master/mkcert/mkcert

create_project_certificate ()
{
    check_project_root
    mkcert -key-file ${CONFIG_CERTS}/${VIRTUAL_HOST}.key -cert-file ${CONFIG_CERTS}/${VIRTUAL_HOST}.crt *.${VIRTUAL_HOST} ${VIRTUAL_HOST}
    if [[ $? == 0 ]]; then
        echo-green "Run ${yellow}fin project restart${NC} to load the new cert."
    fi
}

Can the next command be executed without sudo?

sudo mkcert -install
lmakarov commented 3 years ago

sudo is indeed not necessary. At least I don't see it mentioned anywhere in the docs upstream.

Removed. @Mykola-Veryha let me know if that fixed (or not) your issue.

Mykola-Veryha commented 3 years ago

@lmakarov Yes, it fixed the issue. Thanks