Is there a way to use drone with self-signed certificates?

Question

I'm trying to set up Drone using TLS but the drone agent can't connect to the server with the error:

connection failed, retry in 15s. websocket. Dial wss://drone-server:8000/ws/broker: x509: certificate signed by unknown authority

I've generated the necessary files and my docker-compose file for the drone server has DRONE_SERVER_CERT and DRONE_SERVER_KEY values set with the certificates, so I think the only problem is that it's self-signed. But I'm not sure how to set up the certificates with the drone image to have it recognize the certificate's CA. Is there a way to set that up or am I going about this in completely the wrong way?

score 0 · Answer 1 · answered May 19 '17 at 09:13

As far as I understand the drone CLI client, uses the systems' trusted certificate storage as most* applications do. So for your client to start trusting the server's self signed certificate, you should add the CA cert to your system storage.

A good guide on how to install a CA cert can be found in this answer.

*browsers usually have their own CA cert DB

Is there a way to use drone with self-signed certificates?

1 Answers1