curl SSL certs

[fbergamelli]

Hello,

I'm trying to setup a selfhosted keygen.sh. So far I've created a docker compose file that creates :

• redis container
• pgres container
• keygen-web container
• keygen-worker container
• caddy container
• test container

In the test container, if I run:
# curl -I https://api.keygen.localhost/v1/ping

I get the following:

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

If I run
# curl -kI https://api.keygen.localhost/v1/ping

I get

HTTP/2 200 alt-svc: h3=":443"; ma=2592000 cache-control: no-store content-security-policy: default-src 'none'; report-uri /-/csp-reports; report-to csp-reports; content-type: application/vnd.api+json keygen-account-id: keygen-bearer-id: keygen-edition: CE keygen-environment: keygen-license: keygen-mode: singleplayer keygen-token-id: ......

How can I solve the SSL certs problem ? Something similar also happens running

# keygen-cli new --account 'XXXX-YYYY-ZZZZ' --product 'AAAA-BBBB-CCCC-DDDD' --token 'the-token' --channel 'stable' --version '1.0.0' --host https://api.keygen.localhost

[ERROR] Error performing request: method=POST url=https://api.keygen.localhost/v1/releases err=Post "https://api.keygen.localhost/v1/releases": tls: failed to verify certificate: x509: certificate signed by unknown authority

Thank

F.

[fbergamelli]

Hello, nevermind, I've found the solution:

1. Copy /data/caddy/certificates/local/api.keygen.localhost/api.keygen.localhost.crt form the caddy container to the /usr/local/share/ca-certificates folder of the test container

2. On the test container run

update-ca-certificates