Git Product home page Git Product logo

Comments (3)

bdemers avatar bdemers commented on May 19, 2024

Hey @degerlac!

There are a couple of common reasons for seeing this.
1.) You are connecting through some sort of proxy / VPN / network scanner
2.) You have your Okta Org setup with a custom domain and it does NOT have the full certification chain setup

Without any more info I'm going into guess the second, but here is an easy way to test it:

If you see errors on this tab, you can correct the problem by following this guide:
https://developer.okta.com/docs/guides/custom-url-domain/enable-the-custom-domain/

The "chain" is optional for some clients (for example most browser connections don't need it), but many languages/frameworks (e.g. Java) require the full chain to be installed.

Either way, let me know if this helps, it's possible we could catch this error and provide better instructions, (but I'm just making an educated guess)

Assuming I'm wrong, let me know your Okta Org / URL and I can take a look. If you don't want to put that info in this issue, you can send it to Okta support, and reference this issue, and tell them to pass the info to @bdemers 😉

from okta-cli.

klongmitre avatar klongmitre commented on May 19, 2024

@bdemers - This is also a problem if the a company uses self-signed certs for things like ZScaler. Is it possible to import a certificate chain into the embedded java truststore the cli is using? Or provide and environment variable like AWS_CA_BUNDLE?

from okta-cli.

bdemers avatar bdemers commented on May 19, 2024

@klongmitre, there are no immediate plans to support self-signed certificates with the Okta CLI.

Ideally, we'd like to see folks using certs with chains, but I understand that isn't always as simple as it sounds.
I'll leave this issue open for a bit to see if any other folks are looking for this functionality and we can reconsider it!

I can offer a quick workaround, though, you can grab the Java jar version of the Okta CLI:
https://repo1.maven.org/maven2/com/okta/cli/okta-cli/0.10.0/okta-cli-0.10.0.jar

Run it as:

java -jar /path/to/okta-cli-0.10.0.jar

Then configure your JVM with the appropriate keystore.

from okta-cli.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.