Error: plugin 'vault' failed: could not generate token for '*': hyper error: An error in the OpenSSL library: certificate verify failed
emk opened this issue · comments
Eric Kidd commented
This only affects the binary distributions. It looks like our statically linked OpenSSL is still looking for certain cert-related files in musl directories.
strace -Ff -tt cage --override="staging" export export 2>&1 | tee cage.log
18:29:46.176436 stat("/usr/local/musl/ssl/certs/157753a5.0", 0x7fffcc0c1490) = -1 ENOENT (No such file or directory)
18:29:46.176560 stat("/usr/local/musl/ssl/certs/d6325660.0", 0x7fffcc0c1490) = -1 ENOENT (No such file or directory)
18:29:46.176826 stat("/usr/local/musl/ssl/certs/8d28ae65.0", 0x7fffcc0c1490) = -1 ENOENT (No such file or directory)
There's an easy workaround:
mkdir /usr/local/musl
ln -s /etc/ssl /usr/local/musl/ssl
The real fix will require a look at https://github.com/emk/rust-musl-builder to figure out what's going wrong.
There may be similar issues with Mac binaries. Again, this only affects the vault plugin.