Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Options to add trusted CA certificate to node #961

Closed
lsago opened this issue Dec 20, 2023 · 0 comments · Fixed by #963
Closed

[Feature Request] Options to add trusted CA certificate to node #961

lsago opened this issue Dec 20, 2023 · 0 comments · Fixed by #963
Labels
feature-request

Comments

@lsago
Copy link
Contributor

lsago commented Dec 20, 2023

Problem description

A vantage6 node running on a host behind a transparent HTTPS proxy fails to connect to the vantage6 server because the node does not trust the necessary CA certificate set up for this transparent proxy.

Desired solution

A way for a node administrator to add a CA certificate for the node to trust, or the set of certificates to trust (?).

Additional context

In Python, requests uses a separate rootstore from the system's (e.g. /etc/ssl). But I believe environment variable REQUESTS_CA_BUNDLE can be used to specify a different rootstore. Of course, this CA bundle / rootstore should exist in the container's file system, perhaps by means of volume mapping.

Note too, that even when running v6 node new on the host (no docker), this will fail due to the configuration's wizard attempt to fetch data from the server. But in this case, the user can manually set the REQUESTS_CA_BUNDLE environment variable beforehand.

Note

Perhaps after we provide users with an option to run a node only using docker-compose, this feature will be implicit.
@github-actions github-actions bot added the New label Dec 20, 2023
lsago added a commit that referenced this issue Jan 5, 2024
@lsago
Add node_extra_mounts & node_extra_env config options
6b18084 
node_extra_mounts: allows the node administrator to mount on the node
additional volumes.

node_extra_env: allows the node administrator to set additional
environment variables.

Combined, these options can be used to address #961
(#961)
@lsago lsago mentioned this issue Jan 5, 2024
Merged
@lsago lsago linked a pull request Jan 6, 2024 that will close this issue
Add node_extra_mounts & node_extra_env config options #963
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request
Projects
Sprints
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add node_extra_mounts & node_extra_env config options vantage6/vantage6
2 participants
@frankcorneliusmartin @lsago