SSL errors in Docker containers only (hosting with self-signed certificate)

Zorgoth

3/16/24, 6:32 AM

I host various APIs on my company VPN using self-signed certificates. I recently tried to host a new API, and no matter what I did, I got SSL errors. Firefox reported PR_END_OF_FILE, while the Python requests library similarly complained about

HTTPSConnectionPool(host='localhost', port=7057): Max retries exceeded with url: / (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:997)'))

I tried following multiple guides to replace the keys, and also tried switching from gunicorn to uwsgi. Nothing has made any difference. I have no problem using the same certificates to host outside of the Docker container.

Does anyone have an idea what could be behind this?

768

1 + 1

ssl-certificate

Zorgoth

3/16/24, 3:25 PM

I also can use Docker on my Mac to host the container no problem. It's only my Ubuntu server that seems to have a problem. I tried upgrading Docker on the server to no avail.

Score:0

Server

Zorgoth

3/16/24, 3:38 PM

I found out what was behind the problem: the permissions of the key files were set to be unreadable by the (non-root) primary user of my Docker container. Rebuilding the container to match my UID solved the problem.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: SSL errors in Docker containers only (hosting with self-signed certificate)

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.