Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore SSL certificate errors when connecting to a end point on a self signed certificate #360

Open
avirauto opened this issue Jan 17, 2025 · 2 comments
Open

Ignore SSL certificate errors when connecting to a end point on a self signed certificate #360

avirauto opened this issue Jan 17, 2025 · 2 comments
Assignees
@krichprollsch
Labels
bug Something isn't working

Comments

@avirauto
Copy link

We are trying to automate testing of a app which is deployed locally. When lightpanda is used as a CDP server, I am unable to connect to the app that is deployed locally with a self signed certificate. I get the below error

Url: https://localhost:6000/login

cdpserver % ./lightpanda-aarch64-macos --host 127.0.0.1 --port 9222
info(websocket): starting blocking worker to listen on 127.0.0.1:9222
info(server): accepting new conn...
info(server): client connected
error(server): do error: error.TlsInitializationFailed
info(server): accepting new conn...

Is there a way to ignore the certificate errors when running as a CDP server?
@avirauto avirauto changed the title Ignore Certification errors Ignore SSL certificate errors when connecting to a end point on a self signed certificate Jan 17, 2025
@krichprollsch krichprollsch self-assigned this Jan 17, 2025
@krichprollsch
Copy link
Member

Hello @avirauto, thanks for the issue.
I'm able to reproduce your issue with https://self-signed.badssl.com

We are using https://github.com/ianic/tls.zig for TLS connection.
I'm not sure if an option to disable cert verification exists.

I have to check in detail.

@krichprollsch krichprollsch added bug Something isn't working and removed Investigate labels Jan 22, 2025
@krichprollsch
Copy link
Member 

$ zig build run -- https://self-signed.badssl.com/
debug(cli): Fetch mode: url https://self-signed.badssl.com/, dump false
debug(browser): start js env
debug(browser): setup global env
debug(polyfill): load polyfill-fetch: undefined
debug(browser): starting GET https://self-signed.badssl.com/
error(cli): 'https://self-signed.badssl.com/' fetching error (error.TlsInitializationFailed)s

usage: /home/pierre/wrk/browser/.zig-cache/o/1883af76469c1c213389d9df4972e355/lightpanda [options] [URL]

  start Lightpanda browser

  * if an url is provided the browser will fetch the page and exit
  * otherwhise the browser starts a CDP server

  -h, --help      Print this help message and exit.
  --verbose       Display all logs. By default only info, warn and err levels are displayed.
  --host          Host of the CDP server (default "127.0.0.1")
  --port          Port of the CDP server (default "9222")
  --timeout       Timeout for incoming connections of the CDP server (in seconds, default "3")
  --dump          Dump document in stdout (fetch mode only)
No memory leaks
error: Usage
/home/pierre/wrk/browser/vendor/tls.zig/src/handshake_common.zig:234:13: 0x1bd1d7e in parseCertificate (lightpanda)
            return error.CertificateIssuerNotFound;
            ^
/home/pierre/wrk/browser/vendor/tls.zig/src/handshake_client.zig:372:29: 0x1bd6151 in readServerFlight1 (lightpanda)
                            try h.cert.parseCertificate(&d, h.tls_version);
                            ^
/home/pierre/wrk/browser/vendor/tls.zig/src/handshake_client.zig:188:13: 0x1c380b4 in handshake (lightpanda)
            try h.readServerFlight1(); // server flight 1
            ^
/home/pierre/wrk/browser/vendor/tls.zig/src/main.zig:26:19: 0x1c39205 in client__anon_24698 (lightpanda)
    conn.cipher = try h.handshake(conn.stream, opt);
                  ^
/home/pierre/wrk/browser/src/http/Client.zig:1362:18: 0x1b7967c in connectTcp (lightpanda)
        }) catch return error.TlsInitializationFailed;
                 ^
/home/pierre/wrk/browser/src/http/Client.zig:1494:14: 0x1b202ba in connect (lightpanda)
    } orelse return client.connectTcp(host, port, protocol);
             ^
/home/pierre/wrk/browser/src/http/Client.zig:1642:9: 0x1ad9ea5 in open (lightpanda)
        try client.connect(valid_uri.host.?.raw, uriPort(valid_uri, protocol), protocol);
        ^
/home/pierre/wrk/browser/src/browser/loader.zig:62:22: 0x1ad90b1 in get (lightpanda)
        resp.req.* = try self.client.open(.GET, uri, .{
                     ^
/home/pierre/wrk/browser/src/browser/browser.zig:323:20: 0x1ae7896 in navigate (lightpanda)
        var resp = try self.session.loader.get(alloc, self.uri);
                   ^
/home/pierre/wrk/browser/src/main.zig:73:19: 0x1ac47a7 in printUsageExit (lightpanda)
    if (res == 1) return error.Usage;
                  ^
/home/pierre/wrk/browser/src/main.zig:339:21: 0x1af0f80 in main (lightpanda)
                    return printUsageExit(opts.execname, 1);
                    ^
run
+- run lightpanda failure
error: the following command exited with error code 1:
/home/pierre/wrk/browser/.zig-cache/o/1883af76469c1c213389d9df4972e355/lightpanda https://self-signed.badssl.com/ 
Build Summary: 2/4 steps succeeded; 1 failed (disable with --summary none)
run transitive failure
+- run lightpanda failure
error: the following build command failed with exit code 1:
/home/pierre/wrk/browser/.zig-cache/o/5dc6dd914e59dde2fe412bf4b82536b2/build /usr/local/zig-0.13.0/zig /home/pierre/wrk/browser /home/pierre/wrk/browser/.zig-cache /home/pierre/.cache/zig --seed 0x52031bc -Z635b739973da1549 run -- https://self-signed.badssl.com/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@krichprollsch krichprollsch

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@krichprollsch @avirauto