Open Jauchi opened 1 month ago
Hello @Jauchi. Thanks for trying zot!
I'm not sure what is the problem but I took a guess and pushed a patch for this: https://github.com/project-zot/zot/pull/2558 Can you try it please?
Also, can you post the logs please?
Thank you!
Hi there! Sorry for the late response - I actually tried running your commit and didn't realize that your forked was a lot older than expected, so I was hitting errors I couldn't explain before (all good now and I learned a couple of things about docker as well ;).
Right, I ran 1.2.0 with your patch applied:
tlsVerify
still has no effectcertDir
also does nothingNot quite sure what you mean by log, is this what you're looking for? log.txt helm_values.txt
Right, I ran 1.2.0 with your patch applied
Sorry, meant 2.1.0 - everything else still applies.
{"level":"error","error":"Get \"https://registry.p1ng.link/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown
@Jauchi the host above has an invalid certificate - the issuer is unknown and hence unsafe. Is this really what you want? If so, would just download the CA cert and launch zot from a container.
Hi there!
Correct, that's exactly what I tried to do using certDir
. When that failed, I set tlsVerify
to false, which also did not work - hence the issue.
According to my understanding, the helm_values.txt should be set correctly, that's why I'm assuming it's a bug with zot.
https://github.com/project-zot/zot/pull/2558 ^ does this fix your issue?
2558 ^ does this fix your issue?
No, I don't think it does, doesn't seem to have any effect. Maybe I messed something up. Could you check whether or not you get an error with an invalid SSL certificate? https://untrusted-root.badssl.com/ as URL should work when skipping CA checks (but will fail because it's not a registry)
https://github.com/project-zot/zot/issues/2557#issuecomment-2243551441
zot version
v2.1.0 (docker/helm)
Describe the bug
Hello! It seems like the sync plugin does not respect the
tlsVerify
setting.To reproduce