devpod icon indicating copy to clipboard operation
devpod copied to clipboard
verified publisher icon loft-sh

Error upon cloning repository due to CA Cert

Open elronzo opened this issue 1 year ago • 2 comments

In our corporate environment we do have a WebProxy that breaks up SSL connections. As a consequence clients need to trust that proxy's Certificate or its internal issuing CA.

How could I let devpod know about the proxy's cert and/or its CA?

elronzo avatar Jun 21 '24 08:06 elronzo

Hi @elronzo thanks for providing some details about your use case. Can you tell me more about what is currently not working? If you could add --debug to your command and send the logs that would be ideal.

On first thought I suspect you will need to add your CA to your system's root trust, so devpod can verify the proxy's connection

bkneis avatar Sep 02 '24 07:09 bkneis

I will provide more info ASAP.

I saw that loftlabs is attending OpenSourceSummit Europe. Maybe we'll find some time to discuss remaining issues...

elronzo avatar Sep 02 '24 09:09 elronzo

I am also running into this same issue.

The devpod container itself pulls down fine since the host itself has the certificate trusted, but when the devpod container attempts to connect to the repo, it fails because the devpod container does not have the certificate in its truststore.

This can be tested by using self-signed certificates.

I think the question is how do we inject certificates into the truststore of the devpod container before it attempts to clone/pull anything external.

kalebharrison avatar Nov 15 '24 17:11 kalebharrison

@kalebharrison you could mount the certificates into the trust store?

bkneis avatar Dec 19 '24 09:12 bkneis

This issue is stale because it has been open for 60 days with no activity.

github-actions[bot] avatar Feb 18 '25 01:02 github-actions[bot]

This issue was closed because it has been inactive for 30 days since being marked as stale.

github-actions[bot] avatar Mar 20 '25 02:03 github-actions[bot]