search

F5Networks / f5-telemetry-streaming

F5 BIG-IP Telemetry Streaming
Apache License 2.0
53 stars 24 forks source link

Unable to use a Certificate Chain for Generic HTTP Endpoint #248

Closed kaiduerkop closed 1 year ago

kaiduerkop commented 1 year ago

It is not possible to send a certificate with the issuer.

Telemetry Version: 1.32.0

Example:

clientCertificate:
    cipherText: -----BEGIN CERTIFICATE-----\n[certificate]\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n[issuer]\n-----END CERTIFICATE-----

privateKey:
    cipherText: -----BEGIN PRIVATE KEY-----\n[privatekey]\n-----END PRIVATE KEY-----

rootCertificate:
    cipherText: -----BEGIN CERTIFICATE-----\n[cacertificate]\n-----END CERTIFICATE-----

results in Wed, 08 Mar 2023 13:20:56 GMT - severe: [telemetry.Generic_HTTP.f5telemetry_default::test-consumer] Unexpected error: Error: HTTP error: Error: error:0906D06C:PEM routines:PEM_read_bio:no start line

kaiduerkop commented 1 year ago

It seems it's not working even if only add one certificate. I've added a line to debug the cert in lib/consumers/Generic_HTTP/index.js

Wed, 08 Mar 2023 14:29:25 GMT - finest: [telemetry.Generic_HTTP.f5telemetry_default::test-consumer] Cert: -----BEGIN CERTIFICATE-----\n[cert]\n-----END CERTIFICATE----- Wed, 08 Mar 2023 14:29:25 GMT - finest: [telemetry.Generic_HTTP.f5telemetry_default::test-consumer] key: -----BEGIN PRIVATE KEY-----\n[key]\n-----END PRIVATE KEY----- Wed, 08 Mar 2023 14:29:25 GMT - finest: [telemetry.Generic_HTTP.f5telemetry_default::test-consumer] ca: -----BEGIN CERTIFICATE-----\n[ca]\n-----END CERTIFICATE-----

G-gonzalezjimenez commented 1 year ago

Communicated internally and waiting for response, closing the issue here. Reach out if you need more help