Welcome to the Linux Foundation Forum!

token: x509: certificate signed by unknown authority


  1. Any thoughts on how to fix this error that I'm experiencing with the second lab in the Chapter 18?

    Here is my proxy-manifest.yml
    ---
    applications:
      - name: uaa-guard-proxy
        command: proxy
        path: proxy
        memory: 128M
        env:
          GUARD_COOKIE_SECRET: very-secret
          GUARD_DEFAULT_CALLBACK_URL: https://uaa-guard-proxy.local.pcfdev.io/auth/cloudfoundry/callback
          GUARD_LOGIN_URL: https://uaa-lancer78.local.pcfdev.io
          GUARD_CLIENT_KEY: dashboard
          GUARD_CLIENT_SECRET: dashboardsecret

    Here is my uaa-manifest.yml

    #Deploy UAA Server as Cloud Foundry Service
    ---
    applications:
    - name: uaa
      memory: 1024M
      instances: 1
      random-route: false
      buildpack: java_buildpack
      path: uaa.war
      host: uaa-lancer78
      env:
        UAA_URL: http://uaa-lancer78.local.pcfdev.io
        LOGIN_URL: http://uaa-lancer78.local.pcfdev.io
        JBP_CONFIG_SPRING_AUTO_RECONFIGURATION: '{enabled: false}'
        UAA_CONFIG_YAML: |
          spring_profiles: default,hsqldb
          login:
            serviceProviderKey:
    # BEGIN RSA PRIVATE KEY omitted

  1. # BEGIN CERTIFICATE omitted
    jwt:
            token:
              signing-key: tokenKey
          zones:
           internal:
             hostnames:
               - uaa-lancer78.local.pcfdev.io
          database:
            # url: <url starting with jdbc here>
            # username: <db username>
            # password: <db password>
            maxactive: 15
            maxidle: 5
            minidle: 1

    When I try out the site I get the following message:
    /oauth/token: x509: certificate signed by unknown authority

Comments

  • Posts: 13

    Plase try curl -k for cf dev trust

  • Posts: 14
    edited April 2018

    I'm not entirely sure what you mean so I ran a few different commands as listed below:

    Below is the result of curl --cert-status:

    $ curl --cert-status https://web-ui-boisterous-panther.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

    curl: (60) SSL certificate problem: unable to get local issuer certificate

    More details here: https://curl.haxx.se/docs/sslcerts.html

    curl failed to verify the legitimacy of the server and therefore could not

    establish a secure connection to it. To learn more about this situation and

    how to fix it, please visit the web page mentioned above.

    ------------------------------------------------------

    $ curl -k dev trust

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0curl: (6) Could not resolve host: dev

      0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0curl: (6) Could not resolve host: trust

     

    ------------------------------------------------------

    Below are the results of executing curl -k againist the sites:

    $ curl -k http://roster-nice-bat.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100   384  100   384    0     0    546      0 --:--:-- --:--:-- --:--:--   546{

      "_links" : {

        "people_status" : {

          "href" : "http://roster-nice-bat.local.pcfdev.io/people_status{?page,size,sort}",

          "templated" : true

        },

        "people" : {

          "href" : "http://roster-nice-bat.local.pcfdev.io/people{?page,size,sort}",

          "templated" : true

        },

        "profile" : {

          "href" : "http://roster-nice-bat.local.pcfdev.io/profile"

        }

      }

    }

    $ curl -k http://web-ui-boisterous-panther.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0    372      0 --:--:-- --:--:-- --:--:--   372<a href="/auth">Temporary Redirect</a>.

    $ curl -k http://uaa-lancer78.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

    $ curl -k http://uaa-guard-proxy.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0    525      0 --:--:-- --:--:-- --:--:--   525<a href="/auth">Temporary Redirect</a>.

    $ curl -k https://uaa-guard-proxy.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0    872      0 --:--:-- --:--:-- --:--:--   872<a href="/auth">Temporary Redirect</a>.

    $ curl -k https://uaa-lancer78.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

    $ curl -k https://web-ui-boisterous-panther.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100    41  100    41    0     0   2562      0 --:--:-- --:--:-- --:--:--  2562<a href="/auth">Temporary Redirect</a>.

    $ curl -k https://roster-nice-bat.local.pcfdev.io

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100   387  100   387    0     0   4961      0 --:--:-- --:--:-- --:--:--  4961{

      "_links" : {

        "people_status" : {

          "href" : "https://roster-nice-bat.local.pcfdev.io/people_status{?page,size,sort}",

          "templated" : true

        },

        "people" : {

          "href" : "https://roster-nice-bat.local.pcfdev.io/people{?page,size,sort}",

          "templated" : true

        },

        "profile" : {

          "href" : "https://roster-nice-bat.local.pcfdev.io/profile"

        }

      }

    }

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Categories

Upcoming Training