Troubleshooting SSL Related Issues in Posit Professional Products
Overview
Configure Posit Professional products (Posit Workbench, Posit Connect, and Posit Package Manager) to use SSL Certificates.
This guide provides examples of a few common scenarios that you could encounter while configuring or using SSL certificates in Posit Professional products and how to troubleshoot them.
Configure SSL
Posit covers the configuration instructions in a separate topic.
To review the configuration instructions, please select one of the following links for your product:
Scenario 1. SSL Certificates don’t work when Publishing to Connect
Problem:
While publishing content from Workbench to an Connect instance with SSL configured, the user could encounter an error related to certificate not trusted
.
Solution:
To resolve this, register the certificate used by Connect in the Workbench server. The instructions change depending on the flavor of Linux that you’re using.
Scenario 2: Workbench and Connect aren’t able to download packages from Package Manager
Problem:
install.packages
package isn’t working correctly.
When the Package Manager server has an SSL certificate assigned to it, then the Linux OS for both Workbench and Connect needs to trust the certificate. If not, then the install.packages
package doesn’t work correctly.
Solution:
This issue is similar to the issue described in Scenario 1. Resolve this issue by following the Linux-flavor specific instructions to add SSL certificates to the machine.
Scenario 3: SSL Certificate not working with Local Launcher
Problem:
Error when launching sessions.
If you have configured local launcher in Workbench and are using SSL certificates, you might encounter an error while launching sessions.
The error reads like:
Error launching jobs:
"please verify your callback address setting for launcher.conf."
Solution:
Resolve this issue by updating the Local launcher configuration so that the launcher uses the correct callback address of the Workbench that has an SSL certificate added to it.
Scenario 4: Troubleshooting SSL Issues with pins
package
Problem:
Error when Shiny Apps are trying to access pins
.
A common issue when using pins
is when the user can successfully push pins to an Connect server and call the pins. However, Shiny Apps that are trying to access the pin
are failing.
The error reads like:
Console output
"Error in value[[3L]](cond) : Peer's Certificate issuer is not recognized."
Solution:
A potential solution is to add the certificate that the Connect server is using to the trusted store on the Connect server itself, given that it’s local request.
If that doesn’t work or if it isn’t an option, then you can approach this issue from your R code. Execute the following setting before using the pins
package:
Console output
httr::set_config(config(ssl_verifypeer = FALSE, ssl_verifyhost = FALSE))
Didn’t find a solution?
If your scenario isn’t covered by this guide and you are still having trouble, please:
- Review the Posit Support documentation
- Reach out to Support at support@posit.co to open a request