openark / orchestrator

MySQL replication topology management and HA
Apache License 2.0
5.61k stars 926 forks

ssl web not work it doesn't contain any IP SANs #978

Open 402309718 opened 5 years ago

402309718 commented 5 years ago

When I configure orchestrator with SSL

When I log in to the leader node it works, and when I log in to the other member nodes it doesn't work. The background log is below:

2019/09/10 04:56:45 http: proxy error: x509: cannot validate certificate for 192.168.153.134 because it doesn't contain any IP SANs
Sep 10 04:56:45 orch_3 orchestrator: [martini] Completed 502 Bad Gateway in 9.722656ms

402309718 commented 5 years ago

How to solve it?

yakirgb commented 4 years ago

I think that your certificate is not valid. Check if your certificate includes the IP address of the registry service in the SAN section and use it in the registry.

# openssl x509 -in /root/ca1/server.crt -noout -text | grep "Subject Alternative Name" -A 1
            X509v3 Subject Alternative Name: 
                IP Address: 192.168.153.134

If you want to generate a new certificate, you have great examples in: https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs