You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/11/08 05:01:08 UTC

[GitHub] [apisix] waringid commented on issue #4322: request help: etcd TLS

waringid commented on issue #4322:
URL: https://github.com/apache/apisix/issues/4322#issuecomment-962813808


   > 设置相关参数，如下： ssl_trusted_certificate: "/opt/etcd/ssl/ca.pem" tls: key: "/opt/etcd/ssl/client-key.pem" cert: "/opt/etcd/ssl/client.pem" verify: true 日志报错： 2021/05/27 10:09:13 [error] 44#44: *16 SSL_do_handshake() failed (SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:SSL alert number 42), context: ngx.timer 2021/05/27 10:09:13 [error] 44#44: *24 SSL_do_handshake() failed (SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:SSL alert number 42), context: ngx.timer 2021/05/27 10:09:13 [error] 45#45: *34 SSL_do_handshake() failed (SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:SSL alert number 42), context: ngx.timer 2021/05/27 10:09:13 [error] 45#45: *49 SSL_do_handshake() failed (SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:SSL alert number 42), context: ngx.timer 请问有可能是哪里出问题了呢？用 etcdctl --endpoints="https://
 192.168.58.128:2379" --cacert="/opt/etcd/ssl/ca.pem" --key="/opt/etcd/ssl/client-key.pem" --cert="/opt/etcd/ssl/client.pem" get /apisix/plugins 是可以返回内容的。
   
   这个问题解决了吗？我也遇到同样的情况。


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org