SSL Cert Errors - Githubissues

cloudfoundry-community / consul-boshrelease

BOSH release for consul

Other

14 stars 20 forks source link

SSL Cert Errors #48

Closed vcardillo closed 6 years ago

vcardillo commented 6 years ago

Hello,

It deployed to AWS, and I generated the creds.yml with with bosh interpolate.

However, something seems wrong with the certs:

# curl https://127.0.0.1:8500/v1/agent/members -k
curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate

From the browser (Chrome):

This site can’t provide a secure connection 172.16.10.6 didn’t accept your login certificate, or one may not have been provided. Try contacting the system admin. ERR_BAD_SSL_CLIENT_AUTH_CERT

vcardillo commented 6 years ago

verify_incoming: false is needed with the initial setup. Otherwise you're telling consul to verify your cert.

      consul:
        ssl_ca: ((consul-ca.ca))
        ssl_cert: ((consul-tls.certificate))
        ssl_key: ((consul-tls.private_key))
        verify_incoming: false