Using Puppeteer within a Docker container with custom SSL certificates triggers ERR_INVALID_CERTIFICATE despite adding system certs. Example:
await driver.launch({ chromePath: '/opt/chromium/chrome' });
await view.loadUrl('https://example.com');
How can this certificate error be resolved?
hey, try addin ‘–ignore-certificate-errors’ in your launch opts. it fixed mine in docker. not ideal for production but useful for testin. maybe also check cert path.
Another method that worked for me was to manually insert the CA into the container’s trusted store. For instance, I copied the certificate file to /usr/local/share/ca-certificates and ran update-ca-certificates during the image build. This ensured that Chromium recognized the custom certificate chain. Additionally, verifying the intermediate certificate chain can be crucial to avoid errors. This approach helps maintain security standards while addressing certificate trust issues without resorting to insecure device flags.
I encountered a similar problem when using Puppeteer in Docker. What eventually worked for me was ensuring that the custom certificate was not only copied into the container but actually properly integrated in the certificate store. I ended up modifying the image build process so that the CA bundle would be installed via the specific system package commands. Additionally, verifying that the certificate chain was intact helped avoid any discrepancies. It was a bit tedious, but aligning the container’s device settings resolved the issue without needing to bypass security settings entirely.
hey, u could try setting node_tls_reject_unauthorized=0 in your container env. it’s not ideal for production, but it may help bypass the ssl error for dev.
I encountered a similar issue and eventually discovered that the container’s system time was misconfigured, which contributed to the SSL certificate error. I resolved this by installing an NTP client and synchronizing the container’s clock with a reliable time server during startup. This adjustment ensured that the certificate validation was accurate, and it helped eliminate discrepancies that sometimes trigger ERR_INVALID_CERTIFICATE. Although this approach might seem unrelated, ensuring accurate system time is critical in SSL handshakes and can serve as an overlooked yet effective solution.