wizzy icon indicating copy to clipboard operation
wizzy copied to clipboard

Published 20 hours ago verified publisher icon grafana-wizzy

TLS Support ?

Open lconnell opened this issue 7 years ago • 10 comments 

wizzy $ wizzy list dashboards
/usr/local/lib/node_modules/wizzy/src/remote/grafana.js:281
	  			output += 'Grafana API response status code = ' + response.statusCode;
	  			                                                          ^

TypeError: Cannot read property 'statusCode' of undefined
    at Request.saveHandler [as _callback] (/usr/local/lib/node_modules/wizzy/src/remote/grafana.js:281:65)
    at self.callback (/usr/local/lib/node_modules/wizzy/node_modules/request/request.js:188:22)
    at emitOne (events.js:115:13)
    at Request.emit (events.js:210:7)
    at Request.onRequestError (/usr/local/lib/node_modules/wizzy/node_modules/request/request.js:884:8)
    at emitOne (events.js:115:13)
    at ClientRequest.emit (events.js:210:7)
    at TLSSocket.socketErrorListener (_http_client.js:399:9)
    at emitOne (events.js:115:13)
    at TLSSocket.emit (events.js:210:7)

wizzy $ wizzy status
wi✔ conf directory exists.
✔ conf file exists.
✔ .git directory exists.
✔ wizzy setup complete.
wizzy $ wizzy version
0.5.9

lconnell avatar Jun 07 '17 15:06 lconnell

We have installed the latest version 0.6.0 but we noticed the same issue.

cello86 avatar Oct 31 '17 11:10 cello86

I also have this exact problem. Any word on addressing this, or a workaround perhaps?

AbsorbJonny avatar Apr 09 '18 20:04 AbsorbJonny

The problem is likely happens during TLS verification step, eg:

{ Error: unable to verify the first certificate
    at TLSSocket.<anonymous> (_tls_wrap.js:1098:38)
    at emitNone (events.js:105:13)
    at TLSSocket.emit (events.js:207:7)
    at TLSSocket._finishInit (_tls_wrap.js:628:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:458:38) code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE' }

Full solution might be to support OS keystore (I'm on macos), partial is to allow to ignore certificate verification errors.

andrusha avatar Apr 26 '18 13:04 andrusha

Hi,

I am facing exactly same issue.

/usr/local/lib/node_modules/wizzy/src/remote/grafana.js:284 output += 'Grafana API response status code = ' + response.statusCode; ^

TypeError: Cannot read property 'statusCode' of undefined at Request.saveHandler [as _callback] (/usr/local/lib/node_modules/wizzy/src/remote/grafana.js:284:66) at self.callback (/usr/local/lib/node_modules/wizzy/node_modules/request/request.js:185:22) at emitOne (events.js:116:13) at Request.emit (events.js:211:7) at Request.onRequestError (/usr/local/lib/node_modules/wizzy/node_modules/request/request.js:881:8) at emitOne (events.js:116:13) at ClientRequest.emit (events.js:211:7) at TLSSocket.socketErrorListener (_http_client.js:387:9) at emitOne (events.js:116:13) at TLSSocket.emit (events.js:211:7) Does anyone have some work around for this??

Keshav0690 avatar Jan 25 '19 08:01 Keshav0690

Hi,

In my case the issue was caused by a self-signed certificate on Grafana server.

You can temporarily disable TLS checks by setting this environment variable.

export NODE_TLS_REJECT_UNAUTHORIZED=0 or set NODE_TLS_REJECT_UNAUTHORIZED=0 on Windows

hadzikadunic avatar Aug 28 '19 09:08 hadzikadunic

Hum I could probably add a configuration for that if you want to open a separate issue @hadzikadunic

Sytten avatar Aug 28 '19 12:08 Sytten

It would be nice to have self signed certificates automatically accepted by wizzy, but this feels more like a "Knowledge article / setup instructions note" kind of thing.

Than being said, can somebody confirm that the issue does not appear with an SSL certificate with a "valid" key chain?

hadzikadunic avatar Aug 31 '19 18:08 hadzikadunic

Currently facing a similar SSL problem. Our Grafana instance is configured with a valid certificate issued by DigiCert, and the wizzy fails with the message "Error: unable to verify the first certificate".

As far as I understood, this is because Grafana server does not report back the whole certificate chain (maybe only the certificate itself, as far as this is the only one required by grafana). For browsers this appears to not be a problem, because they do not require the full cert chain from the server. Browsers fill in the gaps, because they already have it.

This is something that has to be fixed within wizzy as there is no possibility for configuring Grafana to report back the whole certificate chain (or is there?). On the other side, rejecting all invalid certificates via ENV variable is dangerous, but may be used as a temporary workaround.

vladislav-mitev avatar Feb 04 '20 12:02 vladislav-mitev

I mean wizzy uses standard requests libraries so I am unsure what the issue is... Do you have proper root CA on your machine?

Sytten avatar Feb 09 '20 04:02 Sytten

@Sytten I use mac os and have proper CA on machine still getting the error:

$wizzy list dashboards
Output:
Grafana API response status code = 401
No error body from Grafana API.
✘ Dashboards list display failed

Tikam02 avatar Jun 18 '20 11:06 Tikam02