tagomoris / fluent-plugin-secure-forward


Issue with Intermediate certificates #34

Closed johnugeorge closed 8 years ago

johnugeorge commented 8 years ago

When I use my SSL certificates in the server plugin, I am seeing "Certificate verify failed" errors in the client. My SSL certs are signed using GoDaddy's intermediate certificates (https://certs.godaddy.com/repository/). If I use the certfile parameter in the client fluentd, it works fine. Is there a possibility to make changes only on the server side so that client configs stay the same (like the SSLCertificateChainFile config in Apache)? How do I install intermediate certificates on the server side?

tagomoris commented 8 years ago

What are the correct logs or error messages? I cannot understand how your configuration fails from your report. Please paste the whole log message and stack traces.

johnugeorge commented 8 years ago

I am getting the following error in the fluentd client "failed to establish SSL connection error_class=OpenSSL::SSL::SSLError error=# host="xxxx" address="yyyy" port=24284" dead connection found: xxxx, reconnecting...

But if I add "ca_cert_path" pointing to the CA intermediate certificate in the fluentd client td-agent conf file (out_secure_forward plugin), the error disappears. But I would like to avoid any change in the client and I would want to confine the certificate changes only to the server.

Both machines are running Ubuntu 14.04.

tagomoris commented 8 years ago

If you have a server certification and an intermediate certification which signs the server certification, you can create a file by concatenating these into a text file, and specify it as cert_path. Do it like this: https://www.digicert.com/ssl-certificate-installation-nginx.htm
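The effect of the concatenated file, as an added example that is not part of the original thread or of fluent-plugin-secure-forward: it uses Ruby's OpenSSL bindings to check a leaf-only PEM and a leaf-plus-intermediate PEM against a client that trusts only the root. The three-certificate PKI, the names and the helper functions are constructed for illustration.

```ruby
require "openssl"

# Constructed throwaway PKI helper: issues a certificate and returns [cert, key].
def issue(cn, issuer: nil, issuer_key: nil, ca: false, serial: 1)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# Split a PEM bundle (the concatenated text file) into certificates, in file order.
def load_bundle(pem)
  pem.scan(/-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----/m)
     .map { |block| OpenSSL::X509::Certificate.new(block) }
end

# Verify as a client whose trust store holds only `root`. The first certificate in
# the bundle is the server's; the rest are untrusted chain certificates, as a
# server would present them during the handshake.
def client_verifies?(root, bundle_pem)
  leaf, *chain = load_bundle(bundle_pem)
  store = OpenSSL::X509::Store.new
  store.add_cert(root)
  ok = store.verify(leaf, chain)
  [ok, store.error_string]
end

ROOT, ROOT_KEY = issue("Example Root CA", ca: true, serial: 1)
INTER, INTER_KEY = issue("Example Intermediate CA", issuer: ROOT, issuer_key: ROOT_KEY, ca: true, serial: 2)
SERVER, = issue("server.example.test", issuer: INTER, issuer_key: INTER_KEY, serial: 3)

LEAF_ONLY  = SERVER.to_pem                 # what a server sends without the intermediate
FULL_CHAIN = SERVER.to_pem + INTER.to_pem  # server certificate first, then the intermediate

p client_verifies?(ROOT, LEAF_ONLY)
p client_verifies?(ROOT, FULL_CHAIN)
```

The order in the file matters: the server certificate comes first, followed by the intermediate that signed it.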

johnugeorge commented 8 years ago

@tagomoris Thank you. It works!

tagomoris commented 8 years ago

@johnugeorge Nice to hear that! I should add a note for it to README, but ...