"Peer's certificate issuer has been marked as not trusted by the user" in Openshift3

git docker openshift tls1.2
Carlos Alberto picture Carlos Alberto · Jul 4, 2017 · Viewed 21.6k times · Source

If S2I - "Source-to-image" resource in Openshift3 tries to connect to a TLS Gitlab repository shows the following message: "Peer's certificate issuer has been marked as not trusted by the user".

How can I instruct Openshift3 which certificates authorities are able to use there? Is there any config/option to bypass this error?

The command entered was:

oc new-app tomcat~https://gitlab.xxx/test/test.git --name=test --strategy=docker

Answer

PhilipGough picture PhilipGough · Jul 5, 2017

For security reasons, you should add a trusted CA source secret to the BuildConfig. To answer your question, you can disable TLS verification by setting an environment variable GIT_SSL_NO_VERIFY to false in the BuildConfig. Checks the docs here for more info.

To pass this directly to the oc new-app command run oc new-app --build-env GIT_SSL_NO_VERIFY=false

Related questions

Clone private git repo with dockerfile

I have copied this code from what seems to be various working dockerfiles around, here is mine: FROM ubuntu MAINTAINER Luke Crooks "[email protected]" # Update aptitude with new repo RUN apt-get update # Install software RUN apt-get install -y git …

Read More
Rebuild Docker container on file changes

For running an ASP.NET Core application, I generated a dockerfile which build the application and copys the source code in the container, which is fetched by Git using Jenkins. So in my workspace, I do the following in the …

Read More
Switching users inside Docker image to a non-root user

I'm trying to switch user to the tomcat7 user in order to setup SSH certificates. When I do su tomcat7, nothing happens. whoami still ruturns root after doing su tomcat7 Doing a more /etc/passwd, I get the following result …

Read More