Issue
ePortal fails with an SSL error like:
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] unable to get local issuer certificate
Environment
- KernelCare
- ePortal
Solution
1. Identify the correct CA bundle:
- Test the client's SSO endpoint using curl:
curl -v https://<client_sso_url>
- Note the `CAfile` or `CApath` in the output.
2. Set `REQUESTS_CA_BUNDLE`:
- Edit the ePortal `/etc/eportal/service.env` environment file
- Add or update:
REQUESTS_CA_BUNDLE=/path/to/ca-bundle.crt
3. Restart ePortal
sudo systemctl restart eportal
4. Verify
- Check logs:
sudo journalctl -u eportal -e
- Test SSO functionality to confirm the fix.
Comments
0 comments
Please sign in to leave a comment.