jfrog / bower-art-resolver

Apache License 2.0

SSL Certificates #11

Closed mithun closed 8 years ago

mithun commented 8 years ago

The resolver does not recognize and pass-thru [1] the SSL certificate configurations [2] from .bowerrc. This is a major blocker when Artifactory is served via HTTPS using self-signed certificates.

I can currently work around this by setting "ssl-strict" to false, but I would rather not do that.

[1] https://github.com/JFrogDev/bower-art-resolver/blob/master/lib/request.js#L12

[2] https://github.com/bower/spec/blob/master/config.md#ca

jblaine commented 8 years ago

It is a major blocker too when Artifactory is served via HTTPS using certificates signed by an internal enterprise CA as well.

jgibson commented 8 years ago

First of all, for a complete fix you'll also have to update download.js.

I just fixed this locally in a hackish way by using config.ca.search[0]. However, a proper implementation requires a fix in bower itself. The other resolvers (e.g. GitHub, Url) use the ca.default configuration option, and the Artifactory resolver probably should too. Unfortunately, the ca.default option doesn't support reading multiple CA certificates from a file: bower/config#33. Once that issue is resolved, the fix is pretty straightforward.

eyalbe4 commented 8 years ago

@jgibson, can you please share your fix? Do you think it can be merged to the Artifactory resolver code to fix the issue?

jgibson commented 8 years ago

While we could merge my fix, it probably would not work properly for anyone who uses multiple registries. Once bower/config#33 is fixed, that would let us resolve the issue correctly.

Also, I would need to get approval from my employer to sign the Contributor License Agreement.
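
Added example, not part of the thread and not the resolver's or any commenter's code: one way to do the pass-through this issue asks for, splitting a multi-certificate PEM file into separate CAs and handing them to the HTTP client with verification left on. The function names, the `config.strictSsl` key and the sample bundle are assumptions made for illustration; `ca` and `strictSSL` are option names the `request` module accepts.

```javascript
// Added example: helper names are hypothetical, not bower-art-resolver code.
const CERT_RE = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g;

// Split a PEM bundle so every certificate in the file becomes a trust anchor.
function splitPemBundle(text) {
  return String(text).match(CERT_RE) || [];
}

// .bowerrc "ca" is a string or an object keyed by operation (default, search, ...).
// Fall back to ca.default when the operation has no entry of its own.
function caEntriesFor(ca, kind) {
  if (!ca) return [];
  if (typeof ca === 'string') return [ca];
  const specific = [].concat(ca[kind] || []);
  return specific.length ? specific : [].concat(ca.default || []);
}

// Build TLS options for the HTTP client. Assumptions: entries are inline PEM or
// file paths, and the strict-SSL setting arrives as config.strictSsl.
function buildTlsOptions(config, kind, readFile) {
  const cas = [];
  for (const entry of caEntriesFor(config.ca, kind)) {
    const pem = entry.includes('-----BEGIN') ? entry : readFile(entry);
    const certs = splitPemBundle(pem);
    // Fail closed: a configured CA that yields no certificate is an error,
    // not a reason to fall back to the system store or to disable checks.
    if (certs.length === 0) throw new Error('CA entry contains no certificate');
    cas.push(...certs);
  }
  const opts = { strictSSL: config.strictSsl !== false };
  if (cas.length > 0) opts.ca = cas; // verification stays on, trust is extended
  return opts;
}

// Constructed sample: placeholder bodies, not real certificates.
const SAMPLE_BUNDLE = [
  '-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQtUk9PVA==\n-----END CERTIFICATE-----',
  '-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQtSVNTVUVS\n-----END CERTIFICATE-----',
].join('\n');

function demo() {
  const files = { '/constructed/internal-ca-bundle.pem': SAMPLE_BUNDLE };
  const config = { ca: { default: '/constructed/internal-ca-bundle.pem', search: [] } };
  return buildTlsOptions(config, 'search', (p) => files[p]);
}

console.log(demo().ca.length, 'CA certificates, strictSSL =', demo().strictSSL);
```

In a real resolver the `readFile` argument would be something like `(p) => fs.readFileSync(p, 'utf8')`.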