paulcaskey
commented
5 years ago Some equivalent of this would help: ETCDCTL_INSECURE_SKIP_TLS_VERIFY=true
Open paulcaskey opened 5 years ago
paulcaskey
commented
5 years ago Some equivalent of this would help: ETCDCTL_INSECURE_SKIP_TLS_VERIFY=true
There is apparently a bug with the openssl library or configuration here in this python module, such that connections with HTTPS to etcd v3 server fail with an error like this.
E0607 12:43:00.193069658 11623 ssl_transport_security.cc:1238] Handshake failed with fatal error SSL_ERROR_SSL: error:1000006b:SSL routines:OPENSSL_internal:BAD_ECC_CERT.This is reported as GRPC Issue 6722. The workaround is to generate different x509 certs with the downgraded "P-Curve" algorithm of P-256 instead of P-384. Instead, it would be awesome to get this bug fixed here so the workaround is not required.
P.S. My local openssl installation appears current. If that has anything to do with this, I'm all ears.