Fraunhofer-AISEC / ids-clearing-house-service

This is an implementation of the IDS Clearing House
Apache License 2.0

Error during the communication between DSC and CH: "Failed to send contract agreement to clearing house. [exception=(The recipient's certificate authority is not trusted.)]" #16

Closed boxer-code closed 2 years ago

boxer-code commented 2 years ago

Hi, I'm trying to connect my self-hosted clearing-house with a dataspace connector (of the IDS-Testbed) but I ran into an error within the certificates. The obtained logs of the connector are:

2022-03-24T15:05:01,785 [https-jsse-nio-8080-exec-7] INFO - Sending request to https://tc-core:9999/process/a4b97300-dcc6-4529-b530-bb3d6b36f5fc ...

2022-03-24T15:05:02,439 [https-jsse-nio-8080-exec-7] WARN - The recipient's certificate authority is not trusted. [exception=(PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)]

2022-03-24T15:05:02,440 [https-jsse-nio-8080-exec-7] WARN - Failed to send contract agreement to clearing house. [exception=(The recipient's certificate authority is not trusted.)]

2022-03-24T15:05:02,441 [https-jsse-nio-8080-exec-7] INFO - Using cached DAPS DAT. [expiration=(2022-03-24T16:04:38.000+0000)]

2022-03-24T15:05:02,510 [https-jsse-nio-8080-exec-7] INFO - Sending response with status OK (200).

I guess that the error is caused by a missing certificate in usr/local/share/ca-certificates or that I need to add the ReferenceCa which signed most of the certificates. But I don't know where I need to add which certificate in which format. Do I need to add a certificate of the trusted connector or a certificate of the CH? Thanks in advance!

kragall commented 2 years ago

From your logs it's not clear to me where the error occurs. I assume the error occurs in the DSC when it tries to do the TLS handshake and cannot authenticate the CH with your self-signed(?) certificate? If my assumption is correct then you have to include your CH certificate in your DSC. I guess that they use a truststore, where you need to add the certificate. But you will need to ask the DSC team about this.

boxer-code commented 2 years ago

Ok thanks! But I'm a little bit confused by the certificates. I've used a daps.der certificate in the server/certs folder, a private_key.der in the server/keys folder, a ch-ids.p12 (with one certificate) and a truststore.p12 mounted as volumes of the Docker containers. The .p12 files are mounted as volumes of the trusted-connector container. Which of these certificates would be my self-signed certificate used by the CH? Or am I missing a certificate?

kragall commented 2 years ago

It's helpful to remind yourself that the left side of a volume definition in docker-compose is "only" the file name on the host and the more relevant part is usually the name on the right. So assuming you named your keystore ch-ids.p12 because that's the name in the example, that will be the certificate you are looking for. It's your client certificate used for TLS.
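The "PKIX path building failed" line in the DSC log is the JVM's TLS client rejecting the Clearing House's certificate because nothing in the DSC truststore anchors it. The following is an added example (not code from the Clearing House or the DSC project) that performs the same trust check against a PKCS12 truststore and, if it fails, applies the fix discussed above: importing the CH certificate as a trusted entry. The file names `truststore.p12` and `ch-server-cert.pem`, the alias `clearing-house` and the password `changeit` are placeholders, not values from the issue.

```java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/**
 * Added example, not part of the Clearing House or DSC code base.
 * Reproduces the PKIX check a Java TLS client (such as the DSC) runs on the
 * server certificate, then imports the Clearing House certificate into the
 * truststore when the check fails. All paths, aliases and passwords are
 * placeholders.
 */
public class TruststoreCheck {

    /** Load a PKCS12 truststore from disk. */
    static KeyStore loadTruststore(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    /** Read a PEM- or DER-encoded X.509 certificate, e.g. the CH server certificate. */
    static X509Certificate readCertificate(String path) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream in = new FileInputStream(path)) {
            return (X509Certificate) cf.generateCertificate(in);
        }
    }

    /**
     * True if the presented chain is accepted by the truststore, i.e. PKIX path
     * building succeeds. A failure here is exactly what the DSC logged.
     */
    static boolean chainIsTrusted(KeyStore truststore, X509Certificate[] chain) throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(truststore);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                try {
                    ((X509TrustManager) tm).checkServerTrusted(chain, "RSA");
                    return true;
                } catch (CertificateException e) {
                    // No trust anchor in the truststore covers this chain.
                    System.err.println("Chain rejected: " + e.getMessage());
                    return false;
                }
            }
        }
        throw new IllegalStateException("no X509TrustManager available");
    }

    /** The remediation: store the CH certificate (or the CA that signed it) as a trusted entry. */
    static void addTrustedCertificate(KeyStore truststore, String alias, X509Certificate cert,
                                      String path, char[] password) throws Exception {
        truststore.setCertificateEntry(alias, cert);
        try (FileOutputStream out = new FileOutputStream(path)) {
            truststore.store(out, password);
        }
    }

    public static void main(String[] args) throws Exception {
        // Placeholder defaults; pass the real DSC truststore and CH certificate paths as arguments.
        String truststorePath = args.length > 0 ? args[0] : "truststore.p12";
        String chCertPath = args.length > 1 ? args[1] : "ch-server-cert.pem";
        char[] password = "changeit".toCharArray(); // placeholder password

        KeyStore ts = loadTruststore(truststorePath, password);
        X509Certificate chCert = readCertificate(chCertPath);
        // A self-signed CH certificate is presented as a one-element chain.
        X509Certificate[] chain = { chCert };

        if (chainIsTrusted(ts, chain)) {
            System.out.println("Clearing House certificate is already trusted.");
            return;
        }
        addTrustedCertificate(ts, "clearing-house", chCert, truststorePath, password);
        System.out.println("Imported CH certificate; trusted now: " + chainIsTrusted(ts, chain));
    }
}
```

Running it once with the DSC truststore and the CH's server certificate should print the rejection, import the entry, and report `trusted now: true`; the same import can be done without code via `keytool -importcert -keystore truststore.p12 -storetype PKCS12 -alias clearing-house -file ch-server-cert.pem`. Importing only the leaf certificate trusts that one key; if the CH certificate is issued by a private CA (such as the ReferenceCa mentioned above), importing that CA certificate instead keeps the truststore valid across CH certificate renewals.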