Bad certificate error #3
Comments
|
Hi @niraj8241, In this issue: #1 I had provided some instructions about how to import certificates as described in the etcd documentation here documentation . Have you followed these instructions? Can you provide some further information regarding these certificates (types) in order to perform some tests myself? What is the etcd version that you use? Do you build etcd viewer from source or do you use the docker based distribution? Thank you in advance, PS: I also have to check the latest etcd security documetation and cross check the instructions I had assembled. |
|
Hi @nikfoundas yes i followed the guidelines in issue #1 and still get a bad certificate error. Below are the information you requested: ubuntu@etcd-cluster-1:~$ etcd --version I installed etcd from source. The certificates are verisign certificates signed by a legitimate CA. Thanks in advance, |
Hi,
I have an etcd cluster with 2 nodes and it works over https and with certificate authentication. I have legitimate certs, keys and ca-certificates from symantec. I can use the URL from postman and even via browser and it works fine without any issues. But when i use etcd-viewer with the latest version of it, i recieve the following error when connecting.
Note:- I have imported the certs in java trust store.
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://etcd.xxxx.com:2379/version: Received fatal alert: bad_certificate
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1365)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1349)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:652)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.jaxrs.client.AbstractClient.doRunInterceptorChain(AbstractClient.java:624)
at org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:1100)
The text was updated successfully, but these errors were encountered: