Gitea: Webhook x509: certificate signed by unknown authority

Created on 14 Jun 2019 · 4Comments · Source: go-gitea/gitea

Gitea version (or commit ref): 1.9.0+dev-311-gfb4438a81
Git version: 2.20.1
Operating system: Centos 7
Database (use [x]):
- [x] PostgreSQL
- [ ] MySQL
- [ ] MSSQL
- [ ] SQLite
Can you reproduce the bug at https://try.gitea.io:
- [ ] Yes (provide example URL)
- [ ] No
- [x] Not relevant
Log gist:

Description

Unable to add webhook for openshift origin pipeline (3.11).

Delivery: Post https://ip@:8443/apis/build.openshift.io/v1/namespaces/jenkins/buildconfigs/pipeline6/webhooks/somesecret/generic: x509: certificate signed by unknown authority

How can i use self signed webhooks in gitea ?

Screenshots

kinenhancement revieweconfirmed

Source

boukandouramhamed

Most helpful comment

A more general option would be great to address not only webhooks.
As said I try to integrate gitea in openshift and want gitea to use the openID endpoint provided by openshift, which is accessible through tls endpoint secured by a cluster wide certificate.

The same is also true for every connection gitea make to external resources. This would include databases, indexers, auth providers (OpenID/OAuth2, LDAP and SMTP), webhooks (of coursce), Mailer, Cache (redis with TLS), Picture, log (at least smtp logs) and U2F.

Best regards

langemar on 19 Nov 2019

👍2

All 4 comments

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

stale[bot] on 13 Aug 2019

A similar issue was tracked by #2744 but the given solution is not suitable in an openshift/k8s environment. I'm seeking for a solution since a while in order to use openshift's oauth2/openID provider in gitea.

Grepping through the source code i even can't find where the trust-store might be initialised.

best regards

langemar on 18 Nov 2019

We should add a config on [webhook] to allow self-signed webhooks.