https://pact.io logo
Join Slack
Powered by
Hi <#C9UTHV2AD|> , I'm trying to run consumer pact...
# pact-net
p
Hi #C9UTHV2AD , I'm trying to run consumer pact from pact broker new PactVerifier(config) .ServiceProvider("provider", WebAppUrl) .HonoursPactWith("consumer") //.PactUri(@"C:\SSPL\hiiretail-sslp-customer-service\CustomerService_PactTest\pacts\sslp-customerpact-sslp-customerservice.json") .PactBroker("https://pact-broker.retailsvc.com/pacts/provider/provider/consumer/consumer/latest") .Verify(); but getting SSL error..is there any way to bypass SSL validation? Need help to troubleshoot Below is the error log opening connection to pact-broker.retailsvc.com:443... opened starting SSL for pact-broker.retailsvc.com:443... SSL established Conn close because of connect error SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
m
Need to know the version of Pact .NET you are using
Any reason you can’t use a real certificate? I find it hard to believe orgs these days can’t stamp real certificates given the likes of Cloud platforms, Let’s Encrypt etc. that all have proper certificate chains
p
Using 3.0.2 version... since I was doing this on local...So every machine we will have to add the cert...So was wondering if any other way
m
OK so a few things: 1. That pact broker is open to the world (is that an accident?) 2. It has a valid certificate 3. The verifier itself can connect to it (I used a CLI variant to check this) So this begs the question - why does it think it’s an invalid certificate? My guess is you have a corporate proxy in place, or something else is going on that should be fixed first. I can see a lot of other contracts there that have been verified, is this the first time you are running into the issue?
I think you can disable it by setting the environment variable to anything (e.g. 
1
) 
PACT_BROKER_DISABLE_SSL_VERIFICATION
p
Yes, first time working on Pact...and first time getting this error. Although from my git pipeline while publishing the pact did not have any issue...but somehow while reading I'm getting this issue
I will try PACT_BROKER_DISABLE_SSL_VERIFICATION
Thanks a lot
@Matt (pactflow.io / pact-js / pact-go) PACT_BROKER_DISABLE_SSL_VERIFICATION we can do from code as well?Cause I'm getting this error when I'm trying to run pact locally and not from pipeline
m
no it’s an environment variable, and would need to be set before you execute the process
Yes, first time working on Pact...and first time getting this error. Although from my git pipeline while publishing the pact did not have any issue...but somehow while reading I’m getting this issue
I guess I was saying that it looks like your company already has a lot of pacts, so are others having the issue or just you? have you asked others in your company?
p
ohh ok...yeah, Only I'm facing this issue
net6.0/pact-win32/lib/ruby/lib/ruby/2.2.0/net/http.rb923in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL:SSL:SSLError)
will upgrading to 4.X version help?
I've downloaded the cert from PAct site as well n registered in trusted root..Still this issue is there
m
Could you please add the 
--verbose
or set logging to debug level and share? (please redact any security/private info)
Did the environment variable not work?
moving to 4.x.x will be a good idea, but won’t be a trivial change if you have many services. It depends on the root cause of the problem though.
p
Hi @Matt (pactflow.io / pact-js / pact-go) is it necessary to install ruby on windows machine?
m
no
Does it say somewhere that we should?
p
You are right, no where it says we should install ruby...but still the SSL error being thrown from Ruby
OpenSSL:SSL:SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
Unable to understand which cert I need to download
m
Ruby is bundled into the project automatically
Please refer to my debugging instructions above first and then come back once you have the answers
howtossl
s
m
FYI - some extra context about the likely problems you’re running into (your certificate looks correct, so I suspect proxy)
p
OK Matt, I will check. Though I'm not running my machine into any kind of VPN. Not sure why this issue
m
VPN != Proxy
Is it a corporate laptop? Does it work when at work or not at work?
p
Agree Matt...VPN is not Proxy...I verified I don't have any proxy settings specified
m
You might not have proxy settings enabled, but does your corporate laptop have that configured for you?
Have you followed the advice in the above article? (e.g. adding the broker to the 
no_hosts
env var?
Also see the debugging advice (logs) above.
p
Sure @Matt (pactflow.io / pact-js / pact-go)
👍 1
Hi Matt, For us the provider test was working perfectly fine from the git pipeline so far...we had issues running it in local.
But now In local I'm able to run the pact but in Pipeline I'm getting error like (Pact:hal:RelationNotFoundError)
(Pact: hal :RelationNotFoundError)
Was able to troubleshoot this. Used PactBroker base url instead of PactUri Option
m
so what changed between before and now?
p
Locally I still have problem connecting to Pact Broker. I just left it there as from pipeline it's working as expected.
m
If you can share debug logs we can try and help you for local dev
The above error you mentioned you have locally is different than you first reported, this is why I was asking
p
Sure...We can get in huddle if that suits you. Tomorrow if possible
m
I would just like the logs or some more info on it and what you’ve done
p
VEry much I summed up earlier. My provider snippet is like below new PactVerifier(config) .ServiceProvider("provider", WebAppUrl) .HonoursPactWith("consumer") .PactBroker("https://pact-broker.retailsvc.com") .Verify();
I'm using old version 3.0.2 version of PactNet
👍 1
My web api is running in Docker
I'm not passing any auth details like user name or password to the pactbroker from local
but tests fail with below error OpenSSL:SSL:SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
I've added SSL_CERT_FILE env variable for the ca_cert I downloaded
m
It’s this that I’m after. This should hopefully help us to understand what is going on.
I’m not sure how to set that flag in .NET, but there must be an option somewhere and that’s what we need to be able to help you
p
I will see if I can get that kind flag setting in pactnet
👍 1
var pactConfig = new PactVerifierConfig { Outputters = new List<IOutput> //NOTE: We default to using a ConsoleOutput, however xUnit 2 does not capture the console output, so a custom outputter is required. { new XUnitOutput(_Output) }, Verbose = true //Output verbose verification logs to the test output };
I've set verbose to true
m
did you get any logs from it?
p
message has been deleted
Nothing other than this
2 Views
Open in Slack
PreviousNext
Powered by