[prev in list] [next in list] [prev in thread] [next in thread]
List: lxc-users
Subject: [lxc-users] No certificate when adding remote
From: Joshua Schaeffer <jschaeffer0922 () gmail ! com>
Date: 2017-10-01 17:56:34
Message-ID: 1cb061c2-459b-ba0c-a6d3-ce3c7e760576 () gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
I've setup my own PKI infrastructure for my LXD hosts and I'm trying to add a remote, \
but I'm getting an error about no certificate being provided:
lxc remote add blllxd03 https://blllxd03.appendata.net:8443
Admin password for blllxd03:
error: No client certificate provided
If I run it with debug I see this after entering the trust password:
[...]
Admin password for blllxd03:
INFO[10-01|11:50:41] Sending request to LXD etag= method=POST \
url=https://blllxd03.appendata.net:8443/1.0/certificates DBUG[10-01|11:50:41]
{
"name": "",
"type": "client",
"certificate": "",
"password": "XXXXXXX"
}
DBUG[10-01|11:50:41] Trying to remove \
/home/lxduser/.config/lxc/servercerts/blllxd03.crt error: No client certificate \
provided
Why would the remote not send its certificate? I have the files: server.ca, \
server.crt, and server.key in /var/lib/lxd/ for both the server and the remote. I \
replaced the the default files with my own. I can verify with OpenSSL that all the \
certs are valid and signed by the CA.
Thanks,
Joshua Schaeffer
[Attachment #5 (text/html)]
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<font face="Droid Serif">I've setup my own PKI infrastructure for my
LXD hosts and I'm trying to add a remote, but I'm getting an error
about no certificate being provided:<br>
<br>
<font face="Droid Sans Mono"> lxc remote add blllxd03
<a class="moz-txt-link-freetext" \
href="https://blllxd03.appendata.net:8443">https://blllxd03.appendata.net:8443</a><br>
Admin password for blllxd03: <br>
error: No client certificate provided</font><br>
<br>
If I run it with debug I see this after entering the trust
password:<br>
<br>
<font face="Droid Sans Mono"> [...]<br>
Admin password for blllxd03: <br>
INFO[10-01|11:50:41] Sending request to
LXD etag= method=POST
url=<a class="moz-txt-link-freetext" \
href="https://blllxd03.appendata.net:8443/1.0/certificates">https://blllxd03.appendata.net:8443/1.0/certificates</a><br>
DBUG[10-01|11:50:41] <br>
{<br>
"name": "",<br>
"type": "client",<br>
"certificate": "",<br>
"password": "XXXXXXX"<br>
} <br>
DBUG[10-01|11:50:41] Trying to remove
/home/lxduser/.config/lxc/servercerts/blllxd03.crt <br>
error: No client certificate provided</font><br>
<br>
Why would the remote not send its certificate? I have the files:
server.ca, server.crt, and server.key in /var/lib/lxd/ for both
the server and the remote. I replaced the the default files with
my own. I can verify with OpenSSL that all the certs are valid and
signed by the CA.<br>
<br>
Thanks,<br>
Joshua Schaeffer<br>
</font>
</body>
</html>
[Attachment #6 (text/plain)]
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic