Stop certificate check


#1

I am getting the following error while trying to connect to a local vagrant box

time="Oct 21 02:08:13" level=error msg="http: proxy error: x509: cannot validate certificate for 192.168.0.22 because it doesn't contain any IP SANs" api_id=deb784e8cbd94378672fadc27a9d42d8 org_id=57fca8069422a20001000003 server_name="192.168.0.22:9000" user_id="****280b" user_ip=172.18.0.1 user_name=

Wondering how I can configure tyk to stop doing certificate checks for development purposes?


#2

Hi, are you building Tyk from source?


#3

Nope, I have not built it from source. I am using the docker installation


#4

@Martin @matiasb

Any help would be appreciated. This is blocking me in my PoC.

Cheers!


#5

You can’t have it stop doing cert checks - but you can add the public part of your self-signed certificate to the vagrant box’s trusted list, this might help:

(I’m assuming the cert is self signed).

Otherwise you’ll need to hit your service on a non-SSL endpoint.


#6

Thanks for a quick response Martin,

I am using Docker on Mac :frowning:

Any solution you have for that?


#7

You could try to mount the file into the docker container using the -v flag (or modify the compose file to have a file mount that puts the file in the right place):

Manual docker mounts:
https://docs.docker.com/engine/tutorials/dockervolumes/

Compose file reference:

(I can’t remember the syntax off the top of my head)


#8

Thanks martin,

I just put nginx (http) between tyk and backend server and told nginx to not verify ssl. Problem solved for now