I’m trying to test and fix some issues on an application that entirely runs in docker containers. I have openvidu running in a local container and it works fine on the dashboard, but when i try to create a session by PHP using curl i’m getting:
Creating Session: SSL certificate problem: self signed certificate {"url":"https:\/\/host.docker.internal:4443\/api\/sessions","content_type":null,"http_code":0,"header_size":0,"request_size":0,"filetime":-1,"ssl_verify_result":18,"redirect_count":0,"total_time":0.288576,"namelookup_time":0.023283,"connect_time":0.025001,"pretransfer_time":0,"size_upload":0,"size_download":0,"speed_download":0,"speed_upload":0,"download_content_length":-1,"upload_content_length":-1,"starttransfer_time":0,"redirect_time":0,"redirect_url":"","primary_ip":"192.168.65.2","certinfo":[],"primary_port":4443,"local_ip":"172.20.0.3","local_port":54412,"http_version":0,"protocol":2,"ssl_verifyresult":0,"scheme":"HTTPS","appconnect_time_us":0,"connect_time_us":25001,"namelookup_time_us":23283,"pretransfer_time_us":0,"redirect_time_us":0,"starttransfer_time_us":0,"total_time_us":288576}
This is a self signed certificate due to being on a local development, so it’s accessing the vidu api on https://host.docker.internal:4443 so that it can call the openvidu container from inside the php container, everything works ok when i just use https://localhost:4443 on the local machine but from inside the php container i have to use host.docker.internal.
My open vidu container has the env setup with: CERTIFICATE_TYPE: “selfsigned” and DOMAIN_OR_PUBLIC_IP: “host.docker.internal”
Proving a little difficult to get the local setup to work. The following doesn’t work:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
I have also tried to use a self signed dev certificate in curl:
->setOpt(CURLOPT_SSLCERT,'/ssl/cert.pem')
->setOpt(CURLOPT_SSH_PRIVATE_KEYFILE, '/ssl/key.pem')
->setOpt(CURLOPT_SSLCERTPASSWD,'MY_PASSWORD')
But i just get:
Creating Session: unable to set private key file: '/ssl/cert.pem' type PEM
UPDATE
I have tried to change to “owncert”, and my docker-compose config looks like this:
openvidu:
platform: linux/amd64
image: openvidu/openvidu-server-kms:2.20.0
container_name: openvidu
ports:
- 4443:4443
- 3478:3478
- 40000-40010:40000-40010
- 57001-57011:57001-57011
networks:
- my-net
volumes:
- ./ssl:/ssl
environment:
KMS_MIN_PORT: "40000"
KMS_MAX_PORT: "40010"
MIN_PORT: "57001"
MAX_PORT: "57011"
OPENVIDU_SECRET: "PbmY7rVKeC4cNXrj6f5x9427YVmFD4q9"
DOMAIN_OR_PUBLIC_IP: "host.docker.internal"
CERTIFICATE_TYPE: "owncert"
This also results in the following error (but it works from the vidu dashboard test):
Creating Session: unable to set private key file: '/ssl/cert.pem' type PEM
I’m just trying to find a way to be able to develop locally in docker containers, building a new image to put on the live/staging server every time i need to test a change is not great and time consuming