Can't connect to etcd cluster via etcdctl due to certificate issue

17 views

Skip to first unread message

Arve Knudsen

unread,

Jul 23, 2017, 5:51:26 PM7/23/17

to CoreOS Dev

Hello

I've created an SSL enabled etcd cluster on DigitalOcean (for my DO port of Tectonic Installer), but something's not set up right. When I try to list the members of the cluster via etcdctl, this happens:

$ sudo etcdctl --debug --ca-file=/etc/ssl/etcd/ca.crt --cert-file=/etc/ssl/etcd/client.crt --key-file=/etc/ssl/etcd/client.key --endpoints=https://etcd-0.etcd.coreos-testing.k8s.socialfoodie.club:2379 member list

start to sync cluster using endpoints(https://etcd-0.etcd.coreos-testing.k8s.socialfoodie.club:2379)

cURL Command: curl -X GET https://etcd-0.etcd.coreos-testing.k8s.socialfoodie.club:2379/v2/members

Error: x509: certificate is valid for etcd, not etcd-0.etcd.coreos-testing.k8s.socialfoodie.club

As far as I can tell, this issue occurs because the common name (CN of the certificate is 'etcd' instead of 'etcd-0.etcd.coreos-testing.k8s.socialfoodie.club'). Can someone tell me if this is actually the issue and that the CN should actually be etcd-0.etcd.coreos-testing.k8s.socialfoodie.club?

Thanks,

Arve

Reply all

Reply to author

Forward

0 new messages