Defect #34995

Running redmine in docker getting ssl error, any ideas what might be the issue?

Added by rafaelteb rafaelteb 4 months ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Email receiving
Target version:-
Resolution: Affected version:4.0.7

Description

Im having an issue with SSL. Im getting pretty crazy currently. Got the feeling that I miss something really simple :D

Would be very thankful for any help.
Maybe I should add rufus to a Dockerfile like its done here: https://github.com/docker-library/redmine/issues/64?

Currently wanted to setup with cron. But Im constantly getting this error:

`rake aborted!
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)`

Mentioned error occurers when I use this command:
`bundle exec rake -f /usr/src/redmine/Rakefile redmine:email:receive_imap RAILS_ENV="production" host=xxx port=993 username=xxx password=xxx ssl=true project=testproject folder=INBOX move_on_success=processed move_on_failure=failed no_permission_check=1 unknown_user=accept`

Funny thing: When I dirtily switch off ssl-checking by ruby with some sort of hack, all is working. I added a file here in /usr/src/redmine/config/initializers/bypass_ssl_verification_for_open_uri.rb with this:

```
require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
```

Also, I did setup ssl. I use redmine passenger with cert files in /usr/local/ca-certifications.
My Dockerfile looks like this:

````FROM redmine:4.1.0-passenger

#install packages
RUN apt update && apt -y install build-essential ca-certificates ruby-xapian

#import certificates for https
COPY certificates/redmine.pem /usr/local/share/ca-certificates/
COPY certificates/redmine.key /usr/local/share/ca-certificates/
#not sure why permissions need to be relaxed...
RUN chmod -R 777 /usr/local/share/ca-certificates/

CMD ["passenger", "start", "--ssl", "--ssl-certificate", "/usr/local/share/ca-certificates/redmine.pem", "--ssl-certificate-key", "/usr/local/share/ca-certificates/redmine.key", "--ssl-port", "443"]
````

And my docker-compose.yml looks like this:
````
version: '3.1'

services:
web:
build: .
restart: always
ports:
- 8080:3000
- 443:3443
environment:
REDMINE_DB_MYSQL: db
REDMINE_DB_PASSWORD: example
volumes:
- /data/redmine/redmine-files:/usr/src/redmine/files
- /data/redmine/redmine-plugins:/usr/src/redmine/plugins
- /data/redmine/redmine-themes:/usr/src/redmine/public/themes
db:
image: mysql:5.7
restart: always
environment:
MYSQL_ROOT_PASSWORD: example
MYSQL_DATABASE: redmine
volumes:
- /data/redmine/mysql:/var/lib/mysql
````

Any ideas? Very thankfull for tips and help ;)
Best

Also available in: Atom PDF