Deploy failed Error: SSL Error: SELF_SIGNED_CERT_IN_CHAIN


#1

I do have a self-signed cert that we require for Deep Packet Inspection through our firewall. export NODE_EXTRA_CA_CERTS= does not work for this error.

I was able to get around this for the login by adding
process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
to
/usr/lib/node_modules/balena-cli/node_modules/node-fetch/index.js

balena-cli version: 9.14.5

[Error]   Deploy failed
Error: SSL Error: SELF_SIGNED_CERT_IN_CHAIN
    at Request.onRequestResponse (/usr/lib/node_modules/balena-cli/node_modules/request/request.js:954:24)
    at ClientRequest.emit (events.js:202:15)
    at ClientRequest.EventEmitter.emit (domain.js:446:20)
    at HTTPParser.parserOnIncomingClient [as onIncoming] (_http_client.js:560:21)
    at HTTPParser.parserOnHeadersComplete (_http_common.js:113:17)
    at TLSSocket.socketOnData (_http_client.js:447:20)
    at TLSSocket.emit (events.js:197:13)
    at TLSSocket.EventEmitter.emit (domain.js:446:20)
    at addChunk (_stream_readable.js:288:12)
    at readableAddChunk (_stream_readable.js:269:11)
    at TLSSocket.Readable.push (_stream_readable.js:224:10)
    at TLSWrap.onStreamRead [as onread] (internal/stream_base_commons.js:145:17)

If you need help, don't hesitate in contacting us at:

  Forums: https://forums.balena.io
  GitHub: https://github.com/balena-io/balena-cli/issues/new

#7

Hey,

Could you confirm a few things for me:

  • Do you need the openBalena services to be served with a specific certificate?
  • Have you made any changes at all to the service stack from default?
  • Are you still using a self-signed certificate provided by ./scripts/quickstart?

#8

Hey,
Could you confirm a few things for me:

Do you need the openBalena services to be served with a specific certificate?

Have you made any changes at all to the service stack from default?

Are you still using a self-signed certificate provided by ./scripts/quickstart?