Openvidu development docker container issue with self signed certificate when creating session by REST in php

I’m trying to test and fix some issues on an application that entirely runs in docker containers. I have openvidu running in a local container and it works fine on the dashboard, but when i try to create a session by PHP using curl i’m getting:

Creating Session: SSL certificate problem: self signed certificate {"url":"https:\/\/host.docker.internal:4443\/api\/sessions","content_type":null,"http_code":0,"header_size":0,"request_size":0,"filetime":-1,"ssl_verify_result":18,"redirect_count":0,"total_time":0.288576,"namelookup_time":0.023283,"connect_time":0.025001,"pretransfer_time":0,"size_upload":0,"size_download":0,"speed_download":0,"speed_upload":0,"download_content_length":-1,"upload_content_length":-1,"starttransfer_time":0,"redirect_time":0,"redirect_url":"","primary_ip":"","certinfo":[],"primary_port":4443,"local_ip":"","local_port":54412,"http_version":0,"protocol":2,"ssl_verifyresult":0,"scheme":"HTTPS","appconnect_time_us":0,"connect_time_us":25001,"namelookup_time_us":23283,"pretransfer_time_us":0,"redirect_time_us":0,"starttransfer_time_us":0,"total_time_us":288576}

This is a self signed certificate due to being on a local development, so it’s accessing the vidu api on https://host.docker.internal:4443 so that it can call the openvidu container from inside the php container, everything works ok when i just use https://localhost:4443 on the local machine but from inside the php container i have to use host.docker.internal.

My open vidu container has the env setup with: CERTIFICATE_TYPE: “selfsigned” and DOMAIN_OR_PUBLIC_IP: “host.docker.internal”

Proving a little difficult to get the local setup to work. The following doesn’t work:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

I have also tried to use a self signed dev certificate in curl:

            ->setOpt(CURLOPT_SSH_PRIVATE_KEYFILE, '/ssl/key.pem')

But i just get:

Creating Session: unable to set private key file: '/ssl/cert.pem' type PEM


I have tried to change to “owncert”, and my docker-compose config looks like this:

    platform: linux/amd64
    image: openvidu/openvidu-server-kms:2.20.0
    container_name: openvidu
      - 4443:4443
      - 3478:3478
      - 40000-40010:40000-40010
      - 57001-57011:57001-57011
      - my-net
      - ./ssl:/ssl
      KMS_MIN_PORT: "40000"
      KMS_MAX_PORT: "40010"
      MIN_PORT: "57001"
      MAX_PORT: "57011"
      OPENVIDU_SECRET: "PbmY7rVKeC4cNXrj6f5x9427YVmFD4q9"
      DOMAIN_OR_PUBLIC_IP: "host.docker.internal"
      CERTIFICATE_TYPE: "owncert"

This also results in the following error (but it works from the vidu dashboard test):

Creating Session: unable to set private key file: '/ssl/cert.pem' type PEM

I’m just trying to find a way to be able to develop locally in docker containers, building a new image to put on the live/staging server every time i need to test a change is not great and time consuming

I don’t understand quite well your setup, but regarding this you’ve said…

from inside the php container i have to use host.docker.internal.

Why don’t you run your PHP container using network=host? In this way you can access the service through http://localhost:4443

Both of those ways work, the issue is the php curl request sent to vidu, it can access it fine but it’s complaining about using a self signed certificate so the request to create a session fails

If you want to access a REST service which is using a self-signed certificate, you will need to configure your HTTP client to allow self-signed certificates. I am no PHP developer, but I am pretty sure that for example if you are using Laravel, you must configure the Guzzle HTTP client like this to ignore invalid SSL errors:

$this->client = new GuzzleClient(['defaults' => [
    'verify' => false
1 Like

No not laravel but I did mention that the verify false on the curl request doesn’t work.

I’ll give your host network suggestion a try though and see if that makes any difference