This repository has been archived by the owner on Apr 8, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 38
Custom root certs not being passed to Camunda Cloud connection #319
Comments
nikku
added a commit
that referenced
this issue
Jun 8, 2023
+ respect custom SSL certificate for C8 SaaS connections Closes #319
nikku
added a commit
that referenced
this issue
Jun 8, 2023
This ensures we respect custom SSL certificate for C8 SaaS connections. Closes #319
nikku
added a commit
to camunda/camunda-modeler
that referenced
this issue
Jun 9, 2023
Accounts for `customSSL.rootCerts` when connecting to Camunda 8 SaaS. Related to upstream bug camunda-community-hub/zeebe-client-node-js#319.
nikku
added a commit
to camunda/camunda-modeler
that referenced
this issue
Jun 9, 2023
Accounts for `customSSL.rootCerts` when connecting to Camunda 8 SaaS. Related to upstream bug camunda-community-hub/zeebe-client-node-js#319.
nikku
added a commit
to camunda/camunda-modeler
that referenced
this issue
Jun 9, 2023
Accounts for `customSSL.rootCerts` when connecting to Camunda 8 SaaS. Related to upstream bug camunda-community-hub/zeebe-client-node-js#319.
nikku
added a commit
to camunda/camunda-modeler
that referenced
this issue
Jun 9, 2023
Accounts for `customSSL.rootCerts` when connecting to Camunda 8 SaaS. Related to upstream bug camunda-community-hub/zeebe-client-node-js#319.
nikku
added a commit
to camunda/camunda-modeler
that referenced
this issue
Jun 9, 2023
Accounts for `customSSL.rootCerts` when connecting to Camunda 8 SaaS. Related to upstream bug camunda-community-hub/zeebe-client-node-js#319.
nikku
added a commit
to camunda/camunda-modeler
that referenced
this issue
Jun 12, 2023
Accounts for `customSSL.rootCerts` when connecting to Camunda 8 SaaS. Related to upstream bug camunda-community-hub/zeebe-client-node-js#319.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I have a corporate, SSL terminating cloud firewall that sits between
zeebe-node
and Camunda 8 SaaS. That firewall serves a custom SSL certificate for C8 SaaS endpoint and I must mark that one as trusted.As it looks like, this library assumes that C8 SaaS won't use custom SSL certificates for oAuth; at least I was not able to configure it using the
customSSL.rootCerts
and/oroAuth.customRootCert
option:As a result I receive the following logs in a downstream application (Camunda Desktop Modeler):
Note the use of
got
which indicates that oAuth token retrival failed (rather than the actual connection).Expected Behavior
I can connect to C8 SaaS, using custom certificates.
Current Behavior
Connection to C8 SaaS does not pick up certificates that I provide through
customSSL.rootCerts
.Possible Solution
In general I think it makes sense that the client respects
customSSL.rootCerts
foroAuth
, too. This would give us the ability to configure custom certificates once and use them for bothoAuth
, and the actual grpc connection:Alternatively we could allow to configure
oAuth
with onlycustomRootCert
and respect that property:The later though currently fails due to type constraints:
Steps to Reproduce
Due to the nature of this issue reproduction is fairly complicated. What you can do is to replicate the configuration issue in a test case
Context (Environment)
Camunda 8 SaaS, connecting to it through corporate network with SSL terminating firewall / custom SSL certificate.
Detailed Description
Possible Implementation
The text was updated successfully, but these errors were encountered: