You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@servicecomb.apache.org by GitBox <gi...@apache.org> on 2020/02/25 09:25:32 UTC
[GitHub] [servicecomb-java-chassis] zhangbeiyuan-hw opened a new issue #1595: ServiceCenter的TSL应该怎么配置
zhangbeiyuan-hw opened a new issue #1595: ServiceCenter的TSL应该怎么配置
URL: https://github.com/apache/servicecomb-java-chassis/issues/1595
Windows server 2018上安装SC,需要开启SSL:
1,修改app.conf中ssl_mode = 1
2,在linux上使用openssl生成 ca.crt,server.crt ,server.pem,client.crt等文件(参考https://blog.csdn.net/chen55bo/article/details/78872555)
3,只修改ssl_mode=1,启动SC发现报错,根据报错信息发现会在SC的根目录上找对应的证书文件,所以在根目录创建目录 /etc/ssl,复制ca.crt到trust.cer,复制server.crt到server.cer,复制server.pem到server_key.pem,创建cert_pwd文件(由于不知道该文件格式,根据官网“用于存放解密私钥的对称加密密文文件”,所以只写入了密钥111111)
4,启动SC脚本,报错如下:
报错信息:
2020-02-25 17:20:59.040910 I | http: TLS handshake error from 127.0.0.1:52757: tls: client didn't provide a certificate
2020-02-25 17:21:05.510793 I | http: TLS handshake error from 127.0.0.1:52758: tls: client didn't provide a certificate
2020-02-25 17:21:05.513721 I | http: TLS handshake error from 127.0.0.1:52759: tls: client didn't provide a certificate
2020-02-25 17:21:05.517621 I | http: TLS handshake error from 127.0.0.1:52760: tls: client didn't provide a certificate
2020-02-25 17:21:05.522514 I | http: TLS handshake error from 127.0.0.1:52761: tls: client didn't provide a certificate
2020-02-25 17:21:05.526422 I | http: TLS handshake error from 127.0.0.1:52762: tls: client didn't provide a certificate
2020-02-25T17:21:16.415+0800 INFO service/instance.go:323 heartbeat successful, renew instance[20900b126734dd944323ec432baefaa6f61f1a4e/1acffaa157b011ea95d5fa163e152e5a] ttl to 120. operator
2020-02-25T17:21:16.418+0800 DEBUG backend/registry.go:216 update service center instance[20900b126734dd944323ec432baefaa6f61f1a4e/1acffaa157b011ea95d5fa163e152e5a] heartbeat
我初次接触ssl,对于各文件的作用和使用还不太清楚,不清楚是哪里出错,是生成的认证文件问题?还是配置问题?由于官方指导中对文件的描述定义 和 我在网上查找的资料有出入,求助有没有官网文档从生成认证文件 到 配置文件修改 到 客户端配置 完整的指导,多谢
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [servicecomb-java-chassis] liubao68 closed issue #1595: ServiceCenter的TSL应该怎么配置
Posted by GitBox <gi...@apache.org>.
liubao68 closed issue #1595: ServiceCenter的TSL应该怎么配置
URL: https://github.com/apache/servicecomb-java-chassis/issues/1595
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [servicecomb-java-chassis] liubao68 commented on issue #1595: ServiceCenter的TSL应该怎么配置
Posted by GitBox <gi...@apache.org>.
liubao68 commented on issue #1595: ServiceCenter的TSL应该怎么配置
URL: https://github.com/apache/servicecomb-java-chassis/issues/1595#issuecomment-591403229
service-center 问题提问到 [servicecomb-service-center](https://github.com/apache/servicecomb-service-center/issues)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services