May-18th-2020, 07:15 AM
Hello Armin,
at the end, it turns out as a very special firewall issue.
To make https working in our network, all devices have to trust the private certificate of the firewall. But this cert is private.
When I asked the guys, why the netPI cannot pull the containter, they make an exception for the website in the firewall, assuming the netPi could trust the firewalls own certificate by itsalf. but this was a mistake.
I got the same problem the starting to pull modules for the node.js . The certificate of GITHUB and NODEJS should be untrusted? Never, ever!
So, what's the conclusion:
If you have an enviroment with a firewall and encounter always problems with untrusted , obsolte or private certificates: suffocate the IT-guys until they give you a PEM-file with the self-signed certificat of the firewall. And after this, spent them a coffee and install this file in the security tab of the netPi and any container on this device.
Glad to read you again and kind regards,
Carsten
at the end, it turns out as a very special firewall issue.
To make https working in our network, all devices have to trust the private certificate of the firewall. But this cert is private.
When I asked the guys, why the netPI cannot pull the containter, they make an exception for the website in the firewall, assuming the netPi could trust the firewalls own certificate by itsalf. but this was a mistake.
I got the same problem the starting to pull modules for the node.js . The certificate of GITHUB and NODEJS should be untrusted? Never, ever!
So, what's the conclusion:
If you have an enviroment with a firewall and encounter always problems with untrusted , obsolte or private certificates: suffocate the IT-guys until they give you a PEM-file with the self-signed certificat of the firewall. And after this, spent them a coffee and install this file in the security tab of the netPi and any container on this device.
Glad to read you again and kind regards,
Carsten
