I’m successfully running a Discourse site locally using OrbStack as a Docker Desktop alternative. It provides a custom hostname and server the container with an SSL certificate, and without the 4200 port appended. i.e. https://discourse.orb.local
However, when I want to use discourse_theme CLI app for for local development, I get an error complaining about the SSL connection: certificate verify failed
discourse_theme watch .
$ discourse_theme watch .
» Using https://discourse.orb.local from /Users/user123/.discourse_theme
» Using api key from /Users/user123/.discourse_theme
/opt/homebrew/lib/ruby/gems/3.3.0/gems/net-protocol-0.2.2/lib/net/protocol.rb:46:in `connect_nonblock': SSL_connect returned=1 errno=0 peeraddr=198.19.248.3:443 state=error: certificate verify failed (self-signed certificate in certificate chain) (OpenSSL::SSL::SSLError)
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/net-protocol-0.2.2/lib/net/protocol.rb:46:in `ssl_socket_connect'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/net-http-0.6.0/lib/net/http.rb:1742:in `connect'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/net-http-0.6.0/lib/net/http.rb:1642:in `do_start'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/net-http-0.6.0/lib/net/http.rb:1631:in `start'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/net-http-0.6.0/lib/net/http.rb:2375:in `request'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/discourse_theme-2.1.6/lib/discourse_theme/client.rb:144:in `request'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/discourse_theme-2.1.6/lib/discourse_theme/client.rb:112:in `discourse_version'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/discourse_theme-2.1.6/lib/discourse_theme/client.rb:19:in `initialize'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/discourse_theme-2.1.6/lib/discourse_theme/cli.rb:72:in `new'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/discourse_theme-2.1.6/lib/discourse_theme/cli.rb:72:in `run'
from /opt/homebrew/lib/ruby/gems/3.3.0/gems/discourse_theme-2.1.6/bin/discourse_theme:6:in `<top (required)>'
from /opt/homebrew/lib/ruby/gems/3.3.0/bin/discourse_theme:25:in `load'
from /opt/homebrew/lib/ruby/gems/3.3.0/bin/discourse_theme:25:in `<main>'
I have the latest versions of discourse_theme, OrbStack, openssl, and ca-certificates.
When I use Curl, I get a confirmation of a valid certificate too:
curl -Iv https://discourse.orb.local
curl -Iv https://discourse.orb.local
* Host discourse.orb.local:443 was resolved.
* IPv6: (none)
* IPv4: 198.19.248.3
* Trying 198.19.248.3:443...
* Connected to discourse.orb.local (198.19.248.3) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/cert.pem
* CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
* subject: O=OrbStack Development; OU=Containers & Services; CN=discourse.orb.local
* start date: Aug 25 08:07:50 2025 GMT
* expire date: Nov 25 09:07:50 2027 GMT
* subjectAltName: host "discourse.orb.local" matched cert's "discourse.orb.local"
* issuer: O=OrbStack Development; OU=Containers & Services; CN=OrbStack Development Root CA
* SSL certificate verify ok.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://discourse.orb.local/
* [HTTP/2] [1] [:method: HEAD]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: discourse.orb.local]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.7.1]
* [HTTP/2] [1] [accept: */*]
> HEAD / HTTP/2
> Host: discourse.orb.local
> User-Agent: curl/8.7.1
> Accept: */*
>
* Request completely sent off
< HTTP/2 200
What is actually causing this problem? Any ideas?