-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
checkout@v2 failing on GHES actions beta with "failed, reason: self signed certificate in certificate chain" #362
Comments
@michaelfdickey can you ask the customer to run a workflow with step debugging enabled? Wondering whether the error is coming from Git or the REST API. Also wondering whether the required certificate authority chain is installed on runner machine? Curl is a good way to test. |
Hello Eric After following this procedure below, curl command works but not the workflow. Please advise |
Hello Eric I would like to clarify a point : Regards |
Can you try setting the env var NODE_EXTRA_CA_CERTS to point to the full path of the file? |
Here's a list of instructions to help with self-signed certificates on GHES: You will need to install the certificate on each runner machine. For example, on Debian:
Also you need to set an environment variable for the runner process. For example:
Most actions are written in Javascript and run using Nodejs. And Nodejs doesn’t use the system certificate store. |
Hello Eric It works :-) for windows and unix as well. Thanks |
I had started the runner on a machine as root (using RUNNER_ALLOW_RUNASROOT=1) and got this error when talking to our GHE server using self signed certs. NODE_EXTRA_CA_CERTS is ignored when node runs as setuid root or has Linux file capabilities set. The answer is create a local account - which is the right way but is easy to ignore when you "just want to get something working" (read: just being lazy!) |
Can NODE_EXTRA_CA_CERTS environment variable please be added to the documentation? |
@ericsciple Can you please let me know the step for centos? |
Hello actions / checkout team 👋
We have a report of actions checkout@v2 failing in an actions enabled beta on GHES 2.22 with the following message:
This is running a simple workflow which only runs actions checkout and a one line hello world script.
Thanks!
The text was updated successfully, but these errors were encountered: