danieldean opened a new issue, #53493:
URL: https://github.com/apache/airflow/issues/53493

   ### Apache Airflow version
   
   3.0.3
   
   ### If "Other Airflow 2 version" selected, which one?
   
   _No response_
   
   ### What happened?
   
   When using Docker with a self-signed certificate all appears to initially be 
well from the front end but DAGs will never run and eventually get marked as 
failed. The message in the run log is:
   
   ```
   ERROR - Executor reports task instance <...> finished (failed) although the 
task says it's queued. (Info: None) Was the task killed externally?
   ```
   
   Checking container logs shows that the worker is unable to communicate with 
the API server due to an SSL certificate verification error:
   
   ```
   airflow-worker-1 | 2025-07-18 09:21:32.543021 [error] Task 
execute_workload[73ed6338-5c59-450c-8e6a-284d52e0cf60] raised unexpected: 
ConnectError('[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: 
self-signed certificate (_ssl.c:1010)') [celery.app.trace]
   ```
   
   #50726 mentions this and a possible workaround by assigning alternative 
names localhost and airflow-apiserver to the self-signed certificate then 
adding it into the container. I tried this and was unable to get it to work 
with the same error message.
   
   ### What you think should happen instead?
   
   I think not working immediately is sensible but there should be a config 
parameter to disable certificate verification with suitable warning against 
doing so.
   
   The setup should still work without needing to import the self-signed 
certificate to get it verified.
   
   ### How to reproduce
   
   Setup Airflow as per 
https://airflow.apache.org/docs/apache-airflow/stable/howto/docker-compose/index.html
 then add SSL with:
   
   ```
   AIRFLOW__WEBSERVER__WEB_SERVER_SSL_CERT: <cert>
   AIRFLOW__WEBSERVER__WEB_SERVER_SSL_KEY: <key>
   ```
   
   Or their equivalent new API versions. Set the below to HTTPS and add -k flag 
for healthcheck:
   
   ```
           AIRFLOW__CORE__EXECUTION_API_SERVER_URL: 
'https://airflow-apiserver:8080/execution/'
   ...
               test: ["CMD", "curl", "--fail", "-k", 
"https://localhost:8080/api/v2/version"]
   ```
   
   Start up Airflow, try to run a DAG and check airflow-worker-1 logs.
   
   ### Operating System
   
   Ubuntu 22.04.5 LTS
   
   ### Versions of Apache Airflow Providers
   
   Not relevant.
   
   ### Deployment
   
   Docker-Compose
   
   ### Deployment details
   
   Compose file as provided with amendments already given. Docker version 
28.3.2, build 578ccf6. Nothing else relevant.
   
   ### Anything else?
   
   Nothing else to add.
   
   ### Are you willing to submit PR?
   
   - [ ] Yes I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [x] I agree to follow this project's [Code of 
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
   

