search

stateofca / opencred

OpenCred Verifiable Credentials Platform
BSD 3-Clause "New" or "Revised" License
46 stars 11 forks source link

“Service Unavailable” when trying to run via Docker #6

Open stevaner opened 3 months ago

stevaner commented 3 months ago

I am trying to run the app via Docker with the following config (the diff between combined.yaml and config.example.yaml):

app:
  server:
     baseUri: "https://localhost"
  opencred:
    caStore:
      - pem: |
          -----BEGIN CERTIFICATE-----
          MYCERT
          -----END CERTIFICATE-----
    signingKeys:
      - type: ES256
        privateKeyPem: |
          -----BEGIN EC PRIVATE KEY-----
          MYPRIVATEKEY
          -----END EC PRIVATE KEY-----
        publicKeyPem: |
          -----BEGIN PUBLIC KEY-----
          MYPUBKEY
          -----END PUBLIC KEY-----
        purpose:
          - id_token
          - authorization_request
  …
  enableAudit: false

I’m getting Service Unavailable when I visit https://localhost:22443. Any idea what the problem is?

mattcollier commented 3 months ago

This flag controls whether the app will run on HTTP only (not HTTPS).

If you run with httpOnly = false, the server will operate on the HTTPS ports using a self-signed certificate.

The httpOnly = true setting is appropriate when running behind a tunnel or load balancer that provides TLS as explained in the readme: https://github.com/stateofca/opencred/tree/main?tab=readme-ov-file#optional-remote-tunnel-setup

https://github.com/stateofca/opencred/blob/main/configs/server.js#L13