Comments (3)
Hey @degerlac!
There are a couple of common reasons for seeing this.
1.) You are connecting through some sort of proxy / VPN / network scanner
2.) You have your Okta Org setup with a custom domain and it does NOT have the full certification chain setup
Without any more info I'm going into guess the second, but here is an easy way to test it:
- Go to: https://ssltools.digicert.com/checker/views/checkInstallation.jsp
- Type in your domain for example.
id.example.com
- Click on the "Certificate Chain" tab (and check for errors)
If you see errors on this tab, you can correct the problem by following this guide:
https://developer.okta.com/docs/guides/custom-url-domain/enable-the-custom-domain/
The "chain" is optional for some clients (for example most browser connections don't need it), but many languages/frameworks (e.g. Java) require the full chain to be installed.
Either way, let me know if this helps, it's possible we could catch this error and provide better instructions, (but I'm just making an educated guess)
Assuming I'm wrong, let me know your Okta Org / URL and I can take a look. If you don't want to put that info in this issue, you can send it to Okta support, and reference this issue, and tell them to pass the info to @bdemers
😉
from okta-cli.
@bdemers - This is also a problem if the a company uses self-signed certs for things like ZScaler. Is it possible to import a certificate chain into the embedded java truststore the cli is using? Or provide and environment variable like AWS_CA_BUNDLE
?
from okta-cli.
@klongmitre, there are no immediate plans to support self-signed certificates with the Okta CLI.
Ideally, we'd like to see folks using certs with chains, but I understand that isn't always as simple as it sounds.
I'll leave this issue open for a bit to see if any other folks are looking for this functionality and we can reconsider it!
I can offer a quick workaround, though, you can grab the Java jar version of the Okta CLI:
https://repo1.maven.org/maven2/com/okta/cli/okta-cli/0.10.0/okta-cli-0.10.0.jar
Run it as:
java -jar /path/to/okta-cli-0.10.0.jar
Then configure your JVM with the appropriate keystore.
from okta-cli.
Related Issues (20)
- Add support for refresh tokens by default HOT 1
- Move native image to its own profile HOT 3
- `okta apps create` throws NPE when not logged in HOT 3
- brew install for version 0.8.0 -- SHA256 mismatch error HOT 5
- Application creation fails when Okta Org has two groups with "everyone" in the name HOT 3
- `okta apps` shows disabled apps HOT 2
- How are CLI Credentials Managed HOT 1
- Remove `export` and quotes from generated `.okta.env` HOT 1
- Linux install fails to properly update path (and exits silently) HOT 1
- `okta start`: How do I change a sample app's name?
- Autofill Okta URL protocol
- Add support for installation using winget
- Warn user when configuring a deactivated application
- Homebrew installation issue HOT 4
- linux install fails with message: "Nothing matches com.okta.developer.CLI in remote flathub" HOT 4
- Add linux ARM binary to release
- Error when not logged in could be better
- okta-cli doesn't work behind corporate proxy HOT 7
- [Feature] Add --json support
- Add a parameter to enable refresh token on app types that support it
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from okta-cli.