Welcome to the Linux Foundation Forum!

token: x509: certificate signed by unknown authority


Any thoughts on how to fix this error that I'm experiencing with the second lab in the Chapter 18?

Here is my proxy-manifest.yml
---
applications:
  - name: uaa-guard-proxy
    command: proxy
    path: proxy
    memory: 128M
    env:
      GUARD_COOKIE_SECRET: very-secret
      GUARD_DEFAULT_CALLBACK_URL: https://uaa-guard-proxy.local.pcfdev.io/auth/cloudfoundry/callback
      GUARD_LOGIN_URL: https://uaa-lancer78.local.pcfdev.io
      GUARD_CLIENT_KEY: dashboard
      GUARD_CLIENT_SECRET: dashboardsecret

Here is my uaa-manifest.yml

#Deploy UAA Server as Cloud Foundry Service
---
applications:
- name: uaa
  memory: 1024M
  instances: 1
  random-route: false
  buildpack: java_buildpack
  path: uaa.war
  host: uaa-lancer78
  env:
    UAA_URL: http://uaa-lancer78.local.pcfdev.io
    LOGIN_URL: http://uaa-lancer78.local.pcfdev.io
    JBP_CONFIG_SPRING_AUTO_RECONFIGURATION: '{enabled: false}'
    UAA_CONFIG_YAML: |
      spring_profiles: default,hsqldb
      login:
        serviceProviderKey:
# BEGIN RSA PRIVATE KEY omitted

# BEGIN CERTIFICATE omitted
jwt:
        token:
          signing-key: tokenKey
      zones:
       internal:
         hostnames:
           - uaa-lancer78.local.pcfdev.io
      database:
        # url: <url starting with jdbc here>
        # username: <db username>
        # password: <db password>
        maxactive: 15
        maxidle: 5
        minidle: 1

When I try out the site I get the following message:
/oauth/token: x509: certificate signed by unknown authority

Comments

  • vlaskovic
    vlaskovic Posts: 13

    Plase try curl -k for cf dev trust

  • Pete-Letkeman
    Pete-Letkeman Posts: 14
    edited April 2018

    I'm not entirely sure what you mean so I ran a few different commands as listed below:

    Below is the result of curl --cert-status:

    $ curl --cert-status https://web-ui-boisterous-panther.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

    curl: (60) SSL certificate problem: unable to get local issuer certificate

    More details here: https://curl.haxx.se/docs/sslcerts.html

    curl failed to verify the legitimacy of the server and therefore could not

    establish a secure connection to it. To learn more about this situation and

    how to fix it, please visit the web page mentioned above.

    ------------------------------------------------------

    $ curl -k dev trust

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0curl: (6) Could not resolve host: dev

      0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0curl: (6) Could not resolve host: trust

     

    ------------------------------------------------------

    Below are the results of executing curl -k againist the sites:

    $ curl -k http://roster-nice-bat.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100   384  100   384    0     0    546      0 --:--:-- --:--:-- --:--:--   546{

      "_links" : {

        "people_status" : {

          "href" : "http://roster-nice-bat.local.pcfdev.io/people_status{?page,size,sort}",

          "templated" : true

        },

        "people" : {

          "href" : "http://roster-nice-bat.local.pcfdev.io/people{?page,size,sort}",

          "templated" : true

        },

        "profile" : {

          "href" : "http://roster-nice-bat.local.pcfdev.io/profile"

        }

      }

    }

    $ curl -k http://web-ui-boisterous-panther.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0    372      0 --:--:-- --:--:-- --:--:--   372<a href="/auth">Temporary Redirect</a>.

    $ curl -k http://uaa-lancer78.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

    $ curl -k http://uaa-guard-proxy.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0    525      0 --:--:-- --:--:-- --:--:--   525<a href="/auth">Temporary Redirect</a>.

    $ curl -k https://uaa-guard-proxy.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0    872      0 --:--:-- --:--:-- --:--:--   872<a href="/auth">Temporary Redirect</a>.

    $ curl -k https://uaa-lancer78.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

    $ curl -k https://web-ui-boisterous-panther.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0   2562      0 --:--:-- --:--:-- --:--:--  2562<a href="/auth">Temporary Redirect</a>.

    $ curl -k https://roster-nice-bat.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100   387  100   387    0     0   4961      0 --:--:-- --:--:-- --:--:--  4961{

      "_links" : {

        "people_status" : {

          "href" : "https://roster-nice-bat.local.pcfdev.io/people_status{?page,size,sort}",

          "templated" : true

        },

        "people" : {

          "href" : "https://roster-nice-bat.local.pcfdev.io/people{?page,size,sort}",

          "templated" : true

        },

        "profile" : {

          "href" : "https://roster-nice-bat.local.pcfdev.io/profile"

        }

      }

    }

Categories

Upcoming Training