Newbie here trying to install Astro CLI for the first time.
I know I usually have issues with SSL certificates when trying to install anything via pip or when fetching from external sites (e.g. github). To solve this, I’ve added our proxy’s root certificate to my local certificate store and that usually solves the problem.
In this case, however, I don’t know how to do it, because I know the installation is happening inside the container, so I don’t know how to add the root certificate from my system to the container definition.
I’m on Windows, using version 9.5.0 of the astro runtime.
Hi @nathome, Welcome to the Astro Community, Glad to see you using the Astro CLI.
If you need your Astro Airflow to communicate securely with a remote service using a certificate signed by an untrusted or internal certificate authority (CA), you need to add the CA certificate to the trust store inside your Astro project’s Docker image.
In your Astro project Dockerfile, add the following entry below the existing FROM statement which specifies your Astro Runtime image version:
USER root
COPY <internal-ca.crt> /usr/local/share/ca-certificates/<your-company-name>/
RUN update-ca-certificates
USER astro
Optional. Add additional COPY statements before the RUN update-ca-certificates stanza for each CA certificate your organization is using for external access.