Custom Certificate for OpenId / urllib3? #3092
Labels
stale
For marking issues as stale. Labeled issues will be closed soon if label is not removed.
Comments
|
I found out the problem. Urllib3 seems to usually use the "certifi" package. And one way to add a certificate to that in a docker file is to append it to the certifi bundle: |
alexcottner
added
the
stale
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm trying to get Kinto to run in a development setup with docker, OpenID (Authentik for now) and behind SSL. However, that requires the kinto application running in the container to trust the ssl certificate of the OpenID provider, which is self-signed.
I made a custom kinto image and added the root certificate to the usual trust store. I can run wget and curl from that image no problem, but kinto and urllib3 don't want to have anything to do with it.
As far as I have come so far, urllib3 uses pyOpenSSL so it should use that truststore. Also the certificate file seems correctly installed as a pem file. There are instructions in the urllib3 documentation how to change the code to use a custom bundle, but that would mean to change kinto and pyramid...
Is there an obvious thing I'm missing?
The text was updated successfully, but these errors were encountered: