You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/09/24 02:58:58 UTC
[GitHub] [apisix] zcstack opened a new issue #5128: request help:
zcstack opened a new issue #5128:
URL: https://github.com/apache/apisix/issues/5128
### Issue description
How do I configure an SSL certificate?
I have a single domain certificate set (Aliyun free certificate, nginx type and �pem format) that has been imported via apisix-Dashboard.
At present, according to https://apisix.apache.org/zh/docs/apisix/certificate documentation testing by:
And then what? How can I do to use https://{{domain name}} and then have the correct return
**
**
### Environment
- apisix version (cmd: `apisix version`):2.9
- OS (cmd: `uname -a`):centos7.9
- OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`):1.19.9.1
- etcd version, if have (cmd: run `curl http://127.0.0.1:9090/v1/server_info` to get the info from server-info API):3.5.0
- apisix-dashboard version, if have:2.8
- the plugin runner version, if the issue is about a plugin runner (cmd: depended on the kind of runner):
- luarocks version, if the issue is about installation (cmd: `luarocks --version`):2.3
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] zcstack commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
zcstack commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926305619
sorry ,The final test should be 9443 !
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] zcstack commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
zcstack commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926411693
hello,The cause of this problem has been found. There is a layer 4 agent in the front end and the corresponding port 443 has been forgotten to open.
Thank you for your answer.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] zcstack commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
zcstack commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926361178
Visit https://apisix-ssl.exsmart.net:9443/v1/white/tools/sts_info to return is a timeout
What do I need to do
To access the page properly in the browser
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926367129
> Visit [apisix-ssl.exsmart.net:9443/v1/white/tools/sts_info](https://apisix-ssl.exsmart.net:9443/v1/white/tools/sts_info) to return is a timeout
> What do I need to do
> To access the page properly in the browser
I think it has something to do with DNS resolution.
curl --resolve 'apisix-ssl.exsmart.net:9443:127.0.0.1' would resolve `apisix-ssl.exsmart.net` to 127.0.0.1, but if it hasn't `--resolve`, curl will perform the DNS resolution process.
This has nothing to do with APISIX, it about the DNS resolution configuration in your environment.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926326405
The response status is 200, what's wrong
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] zcstack commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
zcstack commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926318230
[root@apisix-test apisix]# curl --resolve 'apisix-ssl.exsmart.net:9443:127.0.0.1' https://apisix-ssl.exsmart.net:9443/v1/white/tools/sts_info -vvv -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'
* Added apisix-ssl.exsmart.net:9443:127.0.0.1 to DNS cache
* About to connect() to apisix-ssl.exsmart.net port 9443 (#0)
* Trying 127.0.0.1...
* Connected to apisix-ssl.exsmart.net (127.0.0.1) port 9443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=apisix-ssl.exsmart.net
* start date: Sep 24 00:00:00 2021 GMT
* expire date: Sep 24 23:59:59 2022 GMT
* common name: apisix-ssl.exsmart.net
* issuer: CN=Encryption Everywhere DV TLS CA - G1,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /v1/white/tools/sts_info HTTP/1.1
> User-Agent: curl/7.29.0
> Host: apisix-ssl.exsmart.net:9443
> Accept: */*
> X-API-KEY: edd1c9f034335f136f87ad84b625c8f1
>
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Content-Length: 841
< Connection: keep-alive
< Date: Fri, 24 Sep 2021 03:38:46 GMT
< Server: APISIX/2.9
< Trace-Id: 26e96f91-0dd5-497f-90dc-7e23912df7f7
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET,POST,OPTIONS,DELETE,PUT
< Access-Control-Max-Age: 5
< Access-Control-Expose-Headers: *
< Access-Control-Allow-Headers: *
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926310326
pls paste text, ranther than images.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] zcstack closed issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
zcstack closed issue #5128:
URL: https://github.com/apache/apisix/issues/5128
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926311813
`curl --resolve 'test-doxxxxxxx' https://xxxx:9443/v1/white/xxx` already returned correctly? 9443 is APISIX listening port, and the response status is 200.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] zcstack commented on issue #5128: request help:
Posted by GitBox <gi...@apache.org>.
zcstack commented on issue #5128:
URL: https://github.com/apache/apisix/issues/5128#issuecomment-926380696
I didn't make any DNS changes. And I've tested it in multiple environments, and the results are exactly the same with no correct return
And it's OK if I'm accessing HTTP
➜ ~ curl http://apisix-ssl.exsmart.net/v1/white/tools/sts_info - I
HTTP / 1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 841
Connection: keep-alive
Date: Fri, 24 Sep 2021 06:28:58 GMT
Server: APISIX / 2.9
Trace-Id: 5ea5184c-7cc6-470a-8a9e-e9eb8c7ce673
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS,DELETE,PUT
Access-Control-Max-Age: 5
Access-Control-Expose-Headers: *
Access-Control-Allow-Headers: *
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org