OAuth Provider Gitlab And Private Certs

Hello Nerds,

I have recently deployed a self-hosted instance. The plan is to use a local GitLab instance for auth. I have followed the documentation; however, when an auth is attempted, the user is redirected to the Penpot login screen. Docker logs show:

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...

I assume the container requires the server’s local CA cert. What is the preferred method of adding said cert to the container, assuming this is indeed the issue?

Cheers

This was a CA issue.

First attempt was adding my CA cert to the host anchors. No dice. Realizing it was a Java keystore that was needed, I rebuilt the backend image using the following:

FROM penpotapp/backend:latest

COPY myca.crt /usr/local/share/ca-certificates/

USER 0
RUN keytool -import -noprompt -keystore /opt/jdk/lib/security/cacerts -trustcacerts -file /usr/local/share/ca-certificates/myca.crt
USER 1001

success!!

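A variant of the Dockerfile above with an explicit alias and a build-time check that the CA really landed in the JVM trust store, added here as an example (not the poster's or Penpot's own file). The alias internal-ca is a hypothetical name, and changeit is the JDK's default cacerts password, assumed unchanged in this image.

```dockerfile
# Added example. Assumptions: CA file myca.crt and the keystore path come from
# the post; the alias "internal-ca" is hypothetical; "changeit" is the JDK's
# default cacerts password and is assumed not to have been changed in the image.
FROM penpotapp/backend:latest

# keytool has to write to the JDK trust store, so do the import as root.
USER 0

COPY myca.crt /usr/local/share/ca-certificates/myca.crt

# -alias:     without it keytool files the entry under "mykey", and a later
#             import (for example an intermediate CA) fails because that
#             alias already exists.
# -storepass: given explicitly so the build never waits on a password prompt.
RUN keytool -importcert -noprompt -trustcacerts \
      -alias internal-ca \
      -file /usr/local/share/ca-certificates/myca.crt \
      -keystore /opt/jdk/lib/security/cacerts \
      -storepass changeit

# keytool exits non-zero when the alias is absent, so this step fails the
# build if the import did not take effect. -v prints the certificate's
# SHA-256 fingerprint into the build log for comparison with the CA's
# known fingerprint.
RUN keytool -list -v \
      -alias internal-ca \
      -keystore /opt/jdk/lib/security/cacerts \
      -storepass changeit

# Switch back to the non-root user, as in the post.
USER 1001
```

Because the base image is referenced as latest, the import has to be redone by rebuilding this image whenever the upstream backend image is pulled again.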