Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-1092

Installing CRW on openshift 3.11 with self-signed TLS gives PKIXPathBuildingException

    XMLWordPrintable

Details

    • Hide

      Start minishift

      Replace router certs with self signed certificates as per https://www.eclipse.org/che/docs/che-7/installing-che-in-tls-mode-with-self-signed-certificates/ 

      Run crwctl server:start -a operator -b $(minishift ip).nip.io -p openshift

      You may have to create your own docker registry secret and run 

      // code placeholder
oc secrets link default registry-secret --for=pull
oc secrets link codeready-operator registry-secret --for=pull
oc secrets link che registry-secret --for=pull

      To be able to pull the images

      Show
      Start minishift Replace router certs with self signed certificates as per  https://www.eclipse.org/che/docs/che-7/installing-che-in-tls-mode-with-self-signed-certificates/   Run crwctl server:start -a operator -b $(minishift ip).nip.io -p openshift You may have to create your own docker registry secret and run  // code placeholder oc secrets link default registry-secret -- for =pull oc secrets link codeready- operator registry-secret -- for =pull oc secrets link che registry-secret -- for =pull To be able to pull the images

    Description

      Installing CRW on minishift with self-signed certificates set up via https://www.eclipse.org/che/docs/che-7/installing-che-in-tls-mode-with-self-signed-certificates/ fails.  The che server pod fails to get the token from keycloak due to an inability to find a valid certificate path

       

      // code placeholder
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:198)                                                   
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1967)                                              
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:331)                                                   
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:325)

       

       

       

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. RHDEVDOCS-1691 [BUG] We can not obtain the token from the OpenShift token through Keycloak

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Activity

            People

              abazko Anatolii Bazko
              rhn-gps-tgeorge Thomas George (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: