Infisical/sdk

Java SDK: Unknown Issuer when accessing selfhosted Infiscal

tobiasfichter opened this issue · 4 comments

tobiasfichter commented

Our developers are facing connection issues using the latest infisical SDK 2.1.3-SNAPSHOT with java 11 on windows.

Our selfhosted infisical instance uses a ssl cert from our internal CA. We've added its certificate to java and system trust store and we are sure this is functional because of other services with our own certs that can be be accessed within java.

The windows setup is working well using a cert from a public CA - but due to corporate restricitions we should stick to our own certs.

It is also worth mentioning, that this only occurs on a windows setup.
Our services deployed and used on linux are working fine.

Logs:

.   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::       (v2.3.12.RELEASE)

2024-01-30 08:44:30.456  INFO 29296 --- [           main] x.x.Application                          : Starting Application on araLap129 with PID 29296 
2024-01-30 08:44:30.458  INFO 29296 --- [           main] x.x.Application                          : The following profiles are active: local
2024-01-30 08:44:31.610  INFO 29296 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data Solr repositories in DEFAULT mode.
2024-01-30 08:44:31.692  INFO 29296 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 73ms. Found 4 Solr repository interfaces.
2024-01-30 08:44:32.272  INFO 29296 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8082 (http)
2024-01-30 08:44:32.279  INFO 29296 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2024-01-30 08:44:32.279  INFO 29296 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.46]
2024-01-30 08:44:32.421  INFO 29296 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2024-01-30 08:44:32.422  INFO 29296 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1920 ms
2024-01-30 08:44:33.674  INFO 29296 --- [           main] o.s.b.a.e.web.EndpointLinksResolver      : Exposing 2 endpoint(s) beneath base path '/actuator'
2024-01-30 08:44:33.772  INFO 29296 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'applicationTaskExecutor'
2024-01-30 08:44:33.895  INFO 29296 --- [           main] o.s.s.c.ThreadPoolTaskScheduler          : Initializing ExecutorService 'taskScheduler'
2024-01-30 08:44:33.949  INFO 29296 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8082 (http) with context path ''
2024-01-30 08:44:34.510  INFO 29296 --- [           main] x.x.Application                          : Started Application in 4.369 seconds (JVM running for 5.905)
2024-01-30 08:44:34.514  INFO 29296 --- [           main] x.x..SolrReindexingCronJob               : starting solr reindexing
2024-01-30 08:44:34.606 ERROR 29296 --- [           main] o.s.boot.SpringApplication               : Application run failed

java.lang.RuntimeException: error sending request for url (https://secrets.db.siedle.de/api/v1/auth/universal-auth/login): error trying to connect: invalid peer certificate: UnknownIssuer
    at com.infisical.sdk.InfisicalClient.errorCheck(InfisicalClient.java:132) ~[sdk-2.1.3-20240126.225859-1.jar:na]
    at com.infisical.sdk.InfisicalClient.getSecret(InfisicalClient.java:40) ~[sdk-2.1.3-20240126.225859-1.jar:na]
    at x.x.SecretResolver.getSecret(SecretResolver.java:38) ~[classes/:na]
    [...]

2024-01-30 08:44:35.324  INFO 29296 --- [           main] o.s.s.c.ThreadPoolTaskScheduler          : Shutting down ExecutorService 'taskScheduler'
2024-01-30 08:44:35.325  INFO 29296 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Shutting down ExecutorService 'applicationTaskExecutor'

Process finished with exit code 1
DanielHougaard commented

Hi @tobiasfichter, thanks for reaching out. Is this issue happening in a dockerized environment?

tobiasfichter commented

Hi @DanielHougaard,
our Linux-Environment is dockerized but our devs are working on windows with a local java install.

DanielHougaard commented

@tobiasfichter Could I have you give version 2.1.7 a whirl?

tobiasfichter commented

We did! And it solved the issue. Thanks a lot!