Closed ricardogama closed 9 months ago
Welcome! Thanks for posting your first issue. The way things work here is that while customer issues are prioritized, other issues go into our backlog where they are assessed and fitted into the roadmap when suitable. If you need to get this done, consider buying a license which also enables you to use it in your commercial products. More information can be found on https://unidoc.io/
Hi @ricardogama,
Do you build the unipdf inside the docker? probably can help us to replicate this issue or share the Dockerfile?
Best regards
@sampila Sure, this will illustrate the problem:
main.go
package main
import (
"fmt"
"os"
"github.com/unidoc/unipdf/v3/common/license"
)
func main() {
if err := license.SetMeteredKey(os.Getenv("UNIDOC_KEY")); err != nil {
panic(err)
}
fmt.Println("ok")
}
Dockerfile
FROM golang:1.21.1
WORKDIR /src
RUN apt update \
&& apt install -y --no-install-recommends \
ca-certificates
ADD . /src
RUN go build main.go
ENV UNIDOC_KEY foobar
CMD ["/src/main"]
Build the image:
▶ docker build --progress=plain -t builder .
Run the image:
▶ docker run builder
panic: Post "https://cloud.unidoc.io/api/metered/status": tls: failed to verify certificate: x509: certificate signed by unknown authority
goroutine 1 [running]:
main.main()
/src/main.go:12 +0x84
Thanks, we will check this issue
Hi @ricardogama,
We tried to build several times, but couldn't reproduce the issue, here's what we got
docker run builder
{OK:true Credits:110 Used:11}
ok
The Dockerfile
FROM golang:1.21.1
WORKDIR /src
RUN apt update \
&& apt install -y --no-install-recommends \
ca-certificates
ADD . /src
RUN go build main.go
ENV UNIDOC_KEY "you_api_key"
CMD ["/src/main"]
Our main.go
package main
import (
"fmt"
"os"
"github.com/unidoc/unipdf/v3/common/license"
)
func main() {
if err := license.SetMeteredKey(os.Getenv("UNIDOC_KEY")); err != nil {
panic(err)
}
state, err := license.GetMeteredState()
if err != nil {
panic(err)
}
fmt.Printf("%+v\n", state)
fmt.Println("ok")
}
Looks like the issue is because the ca-certificates not being added into docker image.
Strange you couldn't reproduce with the exact same Dockerfile, but I found a fix in the meanwhile.
The workaround is to manually add the certificate to the image, something like this:
FROM golang:1.21.1
WORKDIR /src
RUN apt update \
&& apt install -y --no-install-recommends \
ca-certificates openssl
RUN openssl s_client -showcerts -connect cloud.unidoc.io:443 </dev/null 2>/dev/null | openssl x509 -outform PEM > unidoc.pem \
&& cp unidoc.pem /usr/local/share/ca-certificates/unidoc.crt \
&& update-ca-certificates --fresh
ADD . /src
RUN go build main.go
ENV UNIDOC_KEY foobar
CMD ["/src/main"]
Maybe it will help someone in the future, thanks for your time!
Hi @ricardogama, yes pretty strang.
Thank you for the solution that you are providing.
While building a Docker image based on
ubuntu:jammy
, the request to register the metered key fails with a TLS error:The Dockerfile is pretty simple, installing CA certificates via
apt install ca-certificates
:Since the code is obfuscated it's very hard to debug the issue, any help is pretty welcome :)