You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
TL;DR: lhci/cli won't complete the wizard due to self-signed cert in the lhci server
Steps:
deploy lhci-server in k8s, add ingress with self signed cert for "lhci.mycompany.com"
verify web page is up, asks to run wizard (https works fine, as machine trusts ca)
in linux machine install @lhci/cli@0.4.x
Attempt to create new project with wizard:
lhci wizard
? Which wizard do you want to run? new-project
? What is the URL of your LHCI server? https://lhci.mycompany.com/
? What would you like to name the project? w01
? Where is the project's code hosted? https://github.com/mycompany/myrepo? What branch is considered the repo's trunk or main branch? master
FetchError: request to https://lhci.mycompany.com/v1/projects failed, reason: self signed certificate in certificate chain
at ClientRequest.<anonymous> (/usr/lib/node_modules/@lhci/cli/node_modules/node-fetch/index.js:133:11)
at ClientRequest.emit (events.js:315:20)
at TLSSocket.socketErrorListener (_http_client.js:426:9)
at TLSSocket.emit (events.js:315:20)
at emitErrorNT (internal/streams/destroy.js:92:8)
at emitErrorAndCloseNT (internal/streams/destroy.js:60:3)
at processTicksAndRejections (internal/process/task_queues.js:84:21)
I tried different options I found online. Change the setting, run wizard, next... but all returned the same error:
Add ca to OS trusted repo (cp ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates)
Add ca to node config npm config set ca ca.crt, npm config set ca ca.crt -g
Remove node ca setting npm config set ca ''
Modify node strict-ssl npm config set strict-ssl=false
Docker image used: docker.io/patrickhulce/lhci-server:0.4.2
Node version installed on linux client: v12.18.2
note: using node 12.x to match the lhci-server:0.4.2 image.
Is there a way to make lhci/cli trust my self-signed certificates?
Thanks!
The text was updated successfully, but these errors were encountered:
export NODE_TLS_REJECT_UNAUTHORIZED='0'
lhci wizard
...
? What branch is considered the repo's trunk or main branch? master(node:1124) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.Created project test01 (3e4ea8e6-7ca1-4aea-8033-e101f7a48ca1)!
Is there a way to make lhci cli trust the ca cert?
As I mentioned in the opening post, the Linux machine already trusts the self signed CA (quick test: curl https://lhci.mycompany.com without -k).
I guess lhci (or npm?) are not using the same ca store as the OS.
Either way glad you got it working! We're not going to be adding anything in LHCI to workaround this for the wizard case, so I'm going to go ahead and close this issue.
TL;DR: lhci/cli won't complete the wizard due to self-signed cert in the lhci server
Steps:
@lhci/cli@0.4.x
I tried different options I found online. Change the setting, run wizard, next... but all returned the same error:
cp ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates
)npm config set ca ca.crt
,npm config set ca ca.crt -g
npm config set ca ''
npm config set strict-ssl=false
Docker image used: docker.io/patrickhulce/lhci-server:0.4.2
Node version installed on linux client: v12.18.2
note: using node 12.x to match the lhci-server:0.4.2 image.
Is there a way to make lhci/cli trust my self-signed certificates?
Thanks!
The text was updated successfully, but these errors were encountered: