[TRI-1794] Self-hosting with self-signed certs

Open matt-aitken opened this issue 2 years ago • 1 comments

A customer kindly provided this information when they got Trigger.dev working on Digital Ocean:

Everything is the exact same as fly except for needing to have your own dockerhub image (perhaps fixed in the future) and needing to set NODE_TLS_REJECT_UNAUTHORIZED='0'. Without that env var, you get the following error from graphile:

[2023-12-22 10:08:56] Error: self-signed certificate in certificate chain
[2023-12-22 10:08:56]     at TLSSocket.onConnectSecure (node:_tls_wrap:1600:34)
[2023-12-22 10:08:56]     at TLSSocket.emit (node:events:517:28)
[2023-12-22 10:08:56]     at TLSSocket._finishInit (node:_tls_wrap:1017:8)
[2023-12-22 10:08:56]     at ssl.onhandshakedone (node:_tls_wrap:803:12) {
[2023-12-22 10:08:56]   code: 'SELF_SIGNED_CERT_IN_CHAIN'
[2023-12-22 10:08:56] }

_TRI-1794

Dec 22 '23 10:12 matt-aitken

I have same question for v3 projects, I am trying to host it locally with a self signed cert chain (local issuer for hardened security)

How do I add this to my tasks so that they trust my cert in fetch. Presumably they are going to be built into a container, can i add a step to add a custom cert?

Jul 09 '24 17:07 gautamsi