@joseph Thanks Joseph. I’ll work on your suggestion. Meanwhile, for kasm, this appears to be the actual solution https://kasmweb.atlassian.net/wiki/spaces/KCS/pages/28835845/How+to+add+a+custom+CA+Certificate+Authority+Chain+to+Kasm+service+containers#Scenario-2%3A-You-need-to-register-a-custom-CA-certificate-to-allow-Kasm’s-services-(ie%3A-kasm_api)-to-access-network-resources-that-require-acceptance-of-a-custom-CA.
I
insuusvenerati
@insuusvenerati
Posts
-
RequestError: unable to verify the first certificate -
RequestError: unable to verify the first certificateEnabling debug mode on the oidc provider config on Kasm side fixes the issue. https://kasmweb.com/docs/latest/guide/oidc.html#configuration
-
RequestError: unable to verify the first certificateHere’s an error stacktrace from KasmWorkspaces which is external and I have configured for oidc with cloudron
Unhandled exception occurred Traceback (most recent call last): File "urllib3/connectionpool.py", line 466, in _make_request File "urllib3/connectionpool.py", line 1095, in _validate_conn File "urllib3/connection.py", line 730, in connect File "urllib3/connection.py", line 909, in _ssl_wrap_socket_and_match_hostname File "urllib3/util/ssl_.py", line 469, in ssl_wrap_socket File "urllib3/util/ssl_.py", line 513, in _ssl_wrap_socket_impl File "ssl.py", line 455, in wrap_socket File "ssl.py", line 1041, in _create File "ssl.py", line 1319, in do_handshake ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)I get similar SSL errors with other apps when oidc is used. Internal or not
-
RequestError: unable to verify the first certificate@joseph Depends on what you mean by valid certs
I added mkcert certs to Cloudron and have the CA trusted on my Mac so there aren’t errors in the browser. I just need to somehow ensure the other apps trust these certs as well -
RequestError: unable to verify the first certificateHello! I'm trying to setup Surfer and get the error
{ "status": "Internal Server Error", "message": "Issuer.discover() failed.\n RequestError: unable to verify the first certificate\n RequestError: unable to verify the first certificate" }when visiting the
/_adminpage. Running v8.2.3. The only thing is i'm using manually managed DNS because it's on an internal only domain / network that I manage through technitium dns. This actually happens with a lot of apps that use OIDC for login as well like Matrix Synapse. With Surfer, though, I can't manually manage users so I have to get the issue fixed at this point.