Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

zap docker stuck after creating CA certificate step.

See original GitHub issue

Describe the bug

We are running zap in docker container. We tried to use various image to diagnose the issue.

Running following command:

zap-x.sh -d -host 0.0.0.0 -port 1001 -config globalexcludeurl.url_list.url.regex='^https?:\/\/.*\/(?:.*ruxitagentjs.*)+$' -config api.disablekey=true -config scanner.attackOnStart=true -config view.mode=attack -config connection.dnsTtlSuccessfulQueries=-1 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true /dev/null 2>&1 &

Got stuck after this stage.

[ZAP-BootstrapGUI] INFO  org.zaproxy.addon.network.ExtensionNetwork - New root CA certificate created.

Steps to reproduce the behavior

docker run -v $(pwd):/zap/wrk:rw -t owasp/zap2docker-weekly /zap/zap-x.sh -d -host 0.0.0.0 -port 1001 -config globalexcludeurl.url_list.url.regex='^https?:\/\/.*\/(?:.*ruxitagentjs.*)+$' -config api.disablekey=true -config scanner.attackOnStart=true -config view.mode=attack -config connection.dnsTtlSuccessfulQueries=-1 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true

Expected behavior

zaproxy should be accessible on port 1001

Software versions

Docker Version: 20.10.12 java: 11.0.13+8-Ubuntu-0ubuntu1.20.04

Screenshots

No response

Errors from the zap.log file

No response

Additional context

No response

Would you like to help fix this issue?

Issue Analytics

State:
Created 2 years ago
Comments:15 (9 by maintainers)

Top GitHub Comments

4reactions

thc202commented, Mar 2, 2022

The /dev/null is being passed as argument to ZAP causing other error, there’s also a dialogue that the user is expected to act upon (i.e. “Do you want to persist the ZAP Session”). If you really want to use the GUI you should pass, e.g. -config database.newsession=3 -config database.newsessionprompt=false to not have that dialogue, although I’d suggest using daemon mode which doesn’t prompt user dialogues (so ZAP start up is never blocked waiting for user’s actions).

2reactions

gokul-solcommented, Mar 2, 2022

@thc202 Thanks a ton and can confirm the above change fixed our issue

Top Results From Across the Web

Zap Docker stuck on certificate creation - Google Groups

When it starts, it gets stuck in the cert generation. [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - Creating new root CA certificate.

Diagnosing Docker Problems - OWASP ZAP

Docker is a great way to run ZAP in a CI/CD pipeline, but diagnosing problems can ... Any files created in a docker...

Dynamic Application Security Testing (DAST) - GitLab Docs

After your Docker build job completes and your image is added to your container registry, you can use the image as a service....

ZAP-Hosting: What to do if you have problems with your server?

Then simply create a Ticket in your web interface! Just fill in the form with all the necessary information that is relevant for...

chmod: changing permissions of 'myscript.sh' : Operation not ...

Set the permissions before you build the image chmod +x scripts/myScript.sh docker build . docker will keep the permissions when it copies ...