Behind intercept proxy - cannot update

[joeb1kenobe]

I have security onion setup in a lab environment. When I try to upgrade to 2.3.10, I get the follow error.

Downloading so-acng
Error response from daemon: Get https://quay.io/v2/: remote error: tls: handshake failure
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 543 100 543 0 0 1034 0 --:--:-- --:--:-- --:--:-- 1036
There is a problem downloading the so-acng:2.3.10 image. Details:

gpg: Signature made Thu 12 Nov 2020 09:49:04 PM UTC using RSA key ID FE507013 gpg: BAD signature from "Security Onion Solutions, LLC [email protected]"

In my lab, everything runs through an SSL/TLS intercept proxy (outside of my lab) before going to the internet. To try to resolve some of the ssl/tls error because of the intercept proxy, I have setup another proxy inside that lab. If tls/ssl breaks, I send through my proxy which does not get intercepted by the SSL/TLS intercept proxy.

However, when I setup the proxy config in Security Onion, it doesn't look like soup is honoring the proxy settings when trying to update docker containers. Is there an additional setting that I need to send the container updates through my proxy?

Joe

[TOoSmOotH]

I put in #2019 to address look at fixing this. In the mean time you can do the following to /usr/sbin/soup:

Comment out this line:
https://github.com/Security-Onion-Solutions/securityonion/blob/master/salt/common/tools/sbin/soup#L428

Then add --env HTTPS_PROXY="https://127.0.0.1:3001" to this line in /usr/sbin/so-image-common:
https://github.com/Security-Onion-Solutions/securityonion/blob/master/salt/common/tools/sbin/so-image-common#L140