Closed
Description
Hi, I'm trying to use the Pact stub server as follows:
❯ docker run -t -p 38080:38080 --rm pactfoundation/pact-stub-server --insecure-tls --broker-url https://my-pact-broker.com --user pact_admin:password --loglevel debug --provider-name my-provider --consumer-name my-consumer
But I get the following error:
2025-02-21T17:01:49.668174Z DEBUG main pact_stub_server: Loading all pacts from Pact Broker at https://my-pact-broker.com using User(pact_admin, pass*******) authentication
2025-02-21T17:01:49.668466Z INFO main pact_verifier::pact_broker: Fetching path '/' from pact broker
2025-02-21T17:01:49.668799Z DEBUG tokio-runtime-worker hyper::client::connect::dns: resolving host="pact-broker.internal.dev.euwest.azure.bestsecrettec.com"
2025-02-21T17:01:50.670714Z DEBUG main hyper::client::connect::http: connecting to 10.252.21.210:443
2025-02-21T17:01:50.726462Z DEBUG main hyper::client::connect::http: connected to 10.252.21.210:443
2025-02-21T17:01:50.783165Z ERROR main pact_stub_server: There were errors loading the pact files.
2025-02-21T17:01:50.783182Z ERROR main pact_stub_server: - IO Error - Failed to access pact broker path '/' - error sending request for url (https://my-pact-broker.com/): error trying to connect: invalid peer certificate: UnknownIssuer. URL: 'https://my-pact-broker.com'
Error: ExitCode(unix_exit_status(3))
This is because my SSL certificate in the broker comes from Let's Encrypt. But I've specified --insecure-tls, so I would expect this verification to be skipped!
I've made a workaround by also mounting the root certs from my machine (-v /etc/ssl/certs:/etc/ssl/certs:ro) and it works, so I'm quite sure this is the only issue here.
Am I missing something or is this flag just broken?
Thanks for the help!