Question - How to bypass cURL certificate validation of Eramba first registration

cavalcantevictor · August 5, 2024, 1:10pm

Dear Eramba community,

I would like to request some help here since I’ve been trying to find a solution for a few days already and nothing worked.

I just installed Eramba community version using virtual machines, but the host is placed in a corporate network where we have a network web proxy that interceptates HTTPS traffic, causing the SSL certificate error.

I’ve tryied to add the self-signed from the web proxy into the virtual machine, and it seems to work properly (at least in the installation guide step where we test the connection with Eramba server using the url: https://support-v3.eramba.org/ping.html

When I first log into the application, the screen shows a button “Unlock power of GRC” but then after a few seconds this message shows up:

Error
Application registration was requested but failed with error: cURL Error (60) SSL certificate problem: unable to get local issuer certificate.

Also I’ve tryed to set parameters into the docker compose file to ignore or bypass TLS certificate errors, or mapping the virtual machine file path for CA certificates but nothing worked.

Is it possible to change something in the application to ignore the certificate error in this registration step?

Thank you!

sam · August 5, 2024, 1:28pm

Hello,

Maybe you want to try run eramba with HTTP only?

cavalcantevictor · August 5, 2024, 1:51pm

Dear sam,

Thanks for your reply.

In fact is not what I was looking for, there is no problem in using a self-signed certificatei nthe Apache web application of Eramba server, however just to see if your recommendation could work, I did these changes but still having the same issue.

Now Eramba console is in HTTP mode, but when I try to click in the button “Unlock power of GRC” the same error shows in a pop-up on my web browser

Error
Application registration was requested but failed with error: cURL Error (60) SSL certificate problem: unable to get local issuer certificate.

I believe the reason of the problem is that when my Eramba local server attemps to connect to the Eramba external services to register the application for the first time, but because of my network proxy, the SSL certificate is invalid.

I was hopping if there is some way to add like a “insecure” option to bypass the SSL certificate validation in this step.