Cloudflare DevelopersCD
Cloudflare Developers2y ago
bnowak

Can't get wrangler to work with SSL certs

Ok, so I have a following dev setup:
  • nginx reverse proxy as an entry point
  • pointed at at a worker
  • worker talks to a bunch of microservices depending on a route
  • everything wrapped in docker-compose
Since in this setup, worker->microservice communication was over http, I've never hit the problem until I've tried to use Honeycomb observability plugin, which I assume talks over https with the mothership. As soon as I've added the plugin, I've started getting the dreaded TLS error:
workerd/jsg/util.c++:281: error: e = kj/compat/tls.c++:221: failed: TLS peer's certificate is not trusted; reason = unable to get local issuer certificate

Later validated that indeed any https call from within the worker will trigger the error.

What I've tried so far to solve it:
  • in my 
    wrangler.toml
     make local_protocol = "https"
  • replace my package.json run script wrangler.dev with NODE_EXTRA_CA_CERTS=/absolute/path/to/fullchain.pem wrangler dev
Does not seem to help, despite the internet search(es) saying it should.
Other useful info:
  • wrangler version: ^3.22.1
  • local ssl cert is a valid one from Letsncrypt/certbot, and nginx/browser have no issues with it.
  • relevant bits of Dockerfile:
    FROM node:20-slim as platform-dev
do stuff
RUN apt-get install procps openssl -y
Any advice would be appreciated. Thanks
Was this page helpful?