Giters

faradayio / cage

Develop and deploy complex Docker applications

Home Page:http://cage.faraday.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Error: plugin 'vault' failed: could not generate token for '*': hyper error: An error in the OpenSSL library: certificate verify failed

emk opened this issue · comments

commented

This only affects the binary distributions. It looks like our statically linked OpenSSL is still looking for certain cert-related files in musl directories.

strace -Ff -tt cage --override="staging" export export 2>&1 | tee cage.log
18:29:46.176436 stat("/usr/local/musl/ssl/certs/157753a5.0", 0x7fffcc0c1490) = -1 ENOENT (No such file or directory)
18:29:46.176560 stat("/usr/local/musl/ssl/certs/d6325660.0", 0x7fffcc0c1490) = -1 ENOENT (No such file or directory)
18:29:46.176826 stat("/usr/local/musl/ssl/certs/8d28ae65.0", 0x7fffcc0c1490) = -1 ENOENT (No such file or directory)

There's an easy workaround:

mkdir /usr/local/musl
ln -s /etc/ssl /usr/local/musl/ssl

The real fix will require a look at https://github.com/emk/rust-musl-builder to figure out what's going wrong.

There may be similar issues with Mac binaries. Again, this only affects the vault plugin.