Katello (maybe Foreman too?) dev server browser error workaround

Many of us are seeing NS_ERROR_NET_INADEQUATE_SECURITY or similar browser error when going to https://$HOSTNAME:3808, which is where webpack assets are served. This is happening on new devel boxes.

I looked into this today and was able to come up with a hacky workaround:

My understanding is we are using HTTP/2 and the certs used don’t have the TLS requirements for HTTP/2 required by the browser. Switching to HTTP/1.1, which the above change does, “fixes” it.

It looks like webpack uses katello’s apache certs, assuming it’s still using $WEBPACK_OPTS from .env. However, even the self-signed ones that are generated by webpack are causing the same error (when you remove the cert arguments from webpack-dev-server but keep --https it will generate it’s own self-signed certificate).

I’m not sure what exactly changed - Did we start using HTTP/2 for webpack somehow? Something changed in the installer? Something expired in 2021?

This is where my investigation ends, but maybe someone has an idea of how to debug further so we can permanently fix this in the dev environment! :hammer_and_wrench:

1 Like

webpack-dev-server does have an option to disable http2, but it’s not present in the version we use :cry:

Is it time to upgrade our webpack-dev-server and mainly… webpack? xD

2 Likes

Thanks for the workaround tho, it’s very annoying :slight_smile:

Ideally yes :smile:

If we can come up with a solution or better workaround for this version that would be ideal, I’m not sure how long that would take to upgrade webpack. :thinking: