I am building a website using phoenix inside a container using vscode from few months. Recently i tried to enable https endpoint using mix phx.gen.cert. But i am getting below warning for every ping. I am not docker or domains expert . Any idea on how to fix it?
[info] TLS :server: In state :abbreviated received CLIENT ALERT: Fatal - Certificate Unknown
[info] TLS :server: In state :abbreviated received CLIENT ALERT: Fatal - Certificate Unknown
---
.docker-compose
version: "3.7"
services:
db:
image: postgres:13.1
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
volumes:
- "database:/var/lib/postgresql/data"
ports:
- 5432:5432
app:
build:
context: ../
dockerfile: .devcontainer/Dockerfile
command: sleep infinity
environment:
MIX_ENV: dev
ports:
- "4001:4001"
volumes:
# Mounts the project folder to '/workspace'. The target path inside the container
# should match should match what your application expects. In this case, the
# compose file is in a sub-folder, so we will mount '..'. We'll then reference this
# as the workspaceFolder in '.devcontainer/devcontainer.json' so VS Code starts here.
- ..:/app:cached
- .zshrc:/root/.zshrc
- .p10k.zsh:/root/.p10k.zsh
# This lets you avoid setting up Git again in the container
- ~/.gitconfig:/root/.gitconfig
depends_on:
- db
volumes:
database:
The server says the client aborted the TLS handshake because it didn’t like the certificate. What client is making those request and how did you tell it that it’s ok to accept a self-signed certificate?
Browsers don’t just silently accept a self-signed test certificate. Some pop up a message warning you of the risk, and let you proceed if you know what you’re doing. Others abort the connection unless you change some preferences. Some differentiate between regular domains and localhost.
If you tell us which browser you’re using, maybe someone who is familiar with that browser can describe their setup. I doubt that it is related to your Docker or VSCode setup
yes! I got the pop ups and selected proceed. I tried chrome, chrome based edge browser earlier.
— Logs from chromium based browsers
info] Sent 200 in 8ms
[info] TLS :server: In state :abbreviated received CLIENT ALERT: Fatal - Certificate Unknown
[info] TLS :server: In state :abbreviated received CLIENT ALERT: Fatal - Certificate Unknown
[info] CONNECTED TO Phoenix.LiveView.Socket in 88µs
Transport: :websocket
Serializer: Phoenix.Socket.V2.JSONSerializer
Parameters: %{"_csrf_token" => "KhUjWh8EOxRAMxQUHy8NGyEpPCBhBjQ0Mlk9yBhaqUFPTLFCSNluWJWD", "_mounts" => "0", "vsn" => "2.0.0"}
But interestingly, I am not getting any warning when i try to access from Firefox today.
Firefox log
Parameters: %{"page" => "home"}
Pipelines: [:guest_web_pages]
[info] Sent 200 in 6ms
[info] CONNECTED TO Phoenix.LiveView.Socket in 117µs
Transport: :websocket
Serializer: Phoenix.Socket.V2.JSONSerializer
Parameters: %{"_csrf_token" => "GgMjLyRaPR9vCA41IBAYTAAAeygCAQ9cliIvb2mp9NybdGVz8hMaxwa7", "_mounts" => "0", "vsn" => "2.0.0"}
[info] CONNECTED TO Phoenix.LiveView.Socket in 66µs
Transport: :websocket
Serializer: Phoenix.Socket.V2.JSONSerializer
Parameters: %{"_csrf_token" => "Bl8fKwcuZVhgKBkxBToZWkssfnlDRSwYp5urAF576nnfAmWlsDH093Bs", "_mounts" => "0", "vsn" => "2.0.0"}
So now I am sure that the issue is with the browser not the docker or vscode setup .
These warnings are not the deal breaker though, since I am able to access server. but I like the logs to be clean .
I didn’t tried this earlier. but I undid the changes and tried this chrome://flags/#allow-insecure-localhost. I expected it will work but it didn’t. So I had to stick with previous solution again.