Unable to skip untrusted certificate on minikube/Chrome

[benoitf]

Describe the bug

Usually, when browsing into an untrusted website, we can add exception to the website in advanced menu

But with Che/minikube, there is no such option, we have a message

You cannot visit dex.192.168.64.79.nip.io at the moment because the website sent scrambled credentials that Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.

Che version

next (development version)

Steps to reproduce

1. install minikube
2. launch Chrome / Version 97.0.4692.99 (Official Build) (x86_64)
3. try to continue from Chrome, it's impossible

with Firefox I can add an exception and continue but not anymore with Chrome

Expected behavior

Be able to bypass untrusted certificate warning from the browser without adding certificates to the truststore

Runtime

minikube

Screenshots

Installation method

chectl/next

Environment

macOS

Eclipse Che Logs

No response

Additional context

No response

[l0rd]

@benoitf can you confirm that you have that on a private browser tab? And that happens before you authenticate with Dex right?

[benoitf]

yes it happens on all Chrome tabs

afa3OgcroY.mp4

I just installed che on minikube with chectl and I'm clicking on the dashboard link, that's all

[tolusha]

Minikube v1.24.0
Strange
Google Chrome | 97.0.4692.99 (Official Build) (64-bit)
It allows to procced.

[benoitf]

I've the same error using Microsoft Edge

I got 'proceed' on the first page and I clicked on proceed then it redirected to dex and it failed with the same message

[benoitf]

retried using latest minikube version (1.25.1)

$ minikube version
minikube version: v1.25.1
commit: 3e64b11ed75e56e4898ea85f96b2e4af0301f43d

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.3", GitCommit:"816c97ab8cff8a1c72eccca1026f7820e93e0d25", GitTreeState:"clean", BuildDate:"2022-01-25T21:17:57Z", GoVersion:"go1.17.6", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.1", GitCommit:"86ec240af8cbd1b60bcc4c03c20da9b98005b92e", GitTreeState:"clean", BuildDate:"2021-12-16T11:34:54Z", GoVersion:"go1.17.5", Compiler:"gc", Platform:"linux/amd64"}

So I still have proceed option on dashboard but not on dex

tApiZmtfgR.mp4

[benoitf]

I can open https://192.168.64.81.nip.io/plugin-registry/v3/ (with proceed option) or https://192.168.64.81.nip.io/devfile-registry/

but not the https://dex.192.168.64.81.nip.io page

[l0rd]

@sparkoo @skabashnyuk do you have any clue?

[sparkoo]

I don't know why it is the case for dex. Maybe different kind of certificate? Different way how we use it in ingress?

[l0rd]

I confirm that I can reproduce the problem on macOS with Chrome but not with Firefox.

[l0rd]

@tolusha I have removed the sprint/current label and removed the milestone. Feel free to add a milestone if you plan to work on it during this sprint.

[benoitf]

the issue is still actual with minikube 1.26 / chectl next