search

ramosbugs / oauth2-rs

Extensible, strongly-typed Rust OAuth2 client library
Apache License 2.0
908 stars 159 forks source link

Q: Error SSL certificate #276

Open cberdaguer31 opened 4 months ago

cberdaguer31 commented 4 months ago

Hello,

First thanks for your hard work on this crate and its great ! I'm finding in trouble regarding obtaining the access token, I got some SSL error certificate on my VPS. How can I add the certificate inside the reqwest client ?

I'v followed the example but I'm not able to do so : let code_auth = AuthorizationCode::new(code.to_string().clone()); let response = client .exchange_code(code_auth) .request_async(async_http_client) .await;

Where is the place to issue my certificate ? I'm new to rust and all oauth2 protocol so sorry if this question seems stupid ^^'

The error I'm getting for reference : ERROR: Request(Reqwest(reqwest::Error { kind: Request, url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("discord.com")), port: None, path: "/api/oauth2/token", query: None, fragment: None }, source: hyper::Error(Connect, Ssl(Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 369098857, library: "STORE routines", function: "ossl_store_get0_loader_int", reason: "unregistered scheme", file: "../crypto/store/store_register.c", line: 237, data: "scheme=file" }, Error { code: 2147483650, library: "system library", function: "file_open", file: "../providers/implementations/storemgmt/file_store.c", line: 267, data: "calling stat(/usr/lib/ssl/certs)" }, Error { code: 369098857, library: "STORE routines", function: "ossl_store_get0_loader_int", reason: "unregistered scheme", file: "../crypto/store/store_register.c", line: 237, data: "scheme=file" }, Error { code: 2147483650, library: "system library", function: "file_open", file: "../providers/implementations/storemgmt/file_store.c", line: 267, data: "calling stat(/usr/lib/ssl/certs)" }, Error { code: 369098857, library: "STORE routines", function: "ossl_store_get0_loader_int", reason: "unregistered scheme", file: "../crypto/store/store_register.c", line: 237, data: "scheme=file" }, Error { code: 2147483650, library: "system library", function: "file_open", file: "../providers/implementations/storemgmt/file_store.c", line: 267, data: "calling stat(/usr/lib/ssl/certs)" }, Error { code: 167772294, library: "SSL routines", function: "tls_post_process_server_certificate", reason: "certificate verify failed", file: "../ssl/statem/statem_clnt.c", line: 1889 }]))) }, X509VerifyResult { code: 20, error: "unable to get local issuer certificate" })) }))

I'v tried with Google and Discord provider and got same error.

Thanks in advance and feel free to close this issue if its not the right place :)

loxs commented 2 weeks ago

This usually means that you don't have root SSL certificates installed on the system or reqwest is not able to find them. In barebones linux systems (especially in Docker if you base your image on something like debian-slim), this is a fact (no certificates). What I usually do is install curl on that system, which pulls everything needed.