Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

GitHub Enterprise authentication with self signed certificate

See original GitHub issue

I was trying to setup authentication on JupyterHub using GitHub Enterprise. I have provided my configuration file.

I run jupyterhub by: sudo jupyterhub. After I log in with GitHub Enterprise credentials, I see 500 Server Error on the client. And on the server, I see the following error:

tornado.curl_httpclient.CurlError: HTTP 599: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

I suspect, it is because my GitHub Enterprise is hosted with a self signed certificate. Is there a way to get past this? (I know I get get the certificates if I have a domain, but currently I don’t).

I saw somthing like validate_server_cert in GitLab code. Should we have something similar in GitHub for GitHub Enterprise deployments with self signed certificates?

My conf:

import os
os.environ['GITHUB_HOST'] = "<GITHUB-HOST IP>"
# os.environ['GITHUB_HTTP'] = "1" # Tried with and without this

from oauthenticator.github import GitHubOAuthenticator

c.JupyterHub.ip = '<jupyterhub-host>'
c.JupyterHub.port = <jupyterhub-port>

c.JupyterHub.authenticator_class = GitHubOAuthenticator
c.GitHubOAuthenticator.oauth_callback_url = 'https://<jupyterhub-ip>:<jupyterhub-port>/hub/oauth_callback'
c.GitHubOAuthenticator.client_id = '<client_id>'
c.GitHubOAuthenticator.client_secret = '<client_secret>'

c.LocalAuthenticator.create_system_users = True
c.Authenticator.whitelist = {'myuser'}
c.Authenticator.admin_users = {'myuser'}
c.JupyterHub.ssl_cert = 'certs/mycert.pem'
c.JupyterHub.ssl_key = 'certs/mykey.key'

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:1
  • Comments:9 (2 by maintainers)

github_iconTop GitHub Comments

consideRatiocommented, Dec 9, 2020

I think it was meant to be closed by #354

nvs-abhilashcommented, Dec 9, 2020

Fixed in #354 (edit, pr number changed from unrelated pr)

Read more comments on GitHub >

github_iconTop Results From Across the Web

Configuring TLS - GitHub Enterprise Server 3.5 Docs
TLS, which replaced SSL, is enabled and configured with a self-signed certificate when GitHub Enterprise Server is started for the first time.
Read more >
SSL certificate problem: self signed certificate in certificate chain
I am unable to push to git. I see that there have been changes and I've been upgrading to catch up, but I'm...
Read more >
Troubleshooting TLS errors - GitHub Enterprise Server 3.5 Docs
Converting your TLS certificate or key into PEM format. Unresponsive installation after uploading a key. Certificate validity errors. Installing self-signed ...
Read more >
About SSH certificate authorities - GitHub Enterprise Cloud Docs
If you use an SSH certificate authority (CA) to provide your organization members with signed SSH certificates, you can add the CA to...
Read more >
Don't use self signed certificates on GitHub Enterprise
Don't use self signed certificates on GitHub Enterprise. Often you come across an organization that has a policy to use self signed certificates...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found