I configured the turbulence API to have a floating IP, so I can access it with the browser without tunneling. Therefore, the SSL cert is also for the floating IP, not for the internal IP.
However, the turbulence-agent takes simply api.first_address as contact, which resolves to the internal IP. Consequently, the certificate cannot be validated by the agent and connection fails.
$ tail /var/vcap/sys/log/turbulence_agent/stderr.log
[Agent] 2016/07/26 16:28:30 ERROR - Failed fetching tasks: Fetching tasks '984e4ae8-064c-45f0-b917-4a0d19e702b9': Performing request POST 'https://turbulence:p@192.168.0.13:8080/api/v1/agents/984e4ae8-064c-45f0-b917-4a0d19e702b9/tasks': Performing POST request: Post https://turbulence:p@192.168.0.13:8080/api/v1/agents/984e4ae8-064c-45f0-b917-4a0d19e702b9/tasks: x509: certificate is valid for <redacted>, not 192.168.0.13
I configured the turbulence API to have a floating IP, so I can access it with the browser without tunneling. Therefore, the SSL cert is also for the floating IP, not for the internal IP.
However, the turbulence-agent takes simply
api.first_address
as contact, which resolves to the internal IP. Consequently, the certificate cannot be validated by the agent and connection fails.