search

webpwnized / mutillidae-docker

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.
GNU General Public License v3.0
80 stars 36 forks source link

Docker compose up failed: unable to access 'https://***/mutillidae.git/' - ca-certificates.crt CRLfile: none #20

Closed alex-pancho closed 1 day ago

alex-pancho commented 1 day ago

When I run docker compose -f .build/docker-compose.yml up --build --detach I get an error when cloning mutillidae was started:

Cloning into 'mutillidae'...
fatal: unable to access 'https://github.com/webpwnized/mutillidae.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

I try add to Dockerfile new coomand for update certificates, but this doesnt work for my:

 cd /tmp && \
    apt-get install --reinstall ca-certificates && \
    git config --global http.sslCAinfo /etc/ssl/certs/ca-certificates.crt && \
    git clone https://github.com/webpwnized/mutillidae.git mutillidae && \
webpwnized commented 1 day ago

The issue cannot be duplicated on a network with a direct connection to the Internet. Therefore, you may be behind a proxy that performs TLS inspection such as a corporate or business network, or a commercial Wi-Fi that inspects traffic using a local certificate issued by a captive portal. You may retry using a network with a direct connection, or temporarily (only to debug), bypass certificate verification in the Dockerfile (but don't leave this setting because it creates a security risk).

RUN git config --global http.sslVerify false