Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

TLS certificates should be valid for .service and .node

See original GitHub issue

When working on #1406, I used the short DNS form for a service, i.e. without the consul_dns_domain, and got the following message:

May 10 07:33:01 lb0-control-01 docker[21812]: time="2016-05-10T07:33:01Z" level=error msg="Put https://consul.service:8500/v1/session/create: x509: certificate is valid for localhost, *.node.consul, *.service.consul, not consul.service"

The cert we deploy should also be valid for those short constructions.

Ansible version (ansible --version): 1.9.4
Python version (python --version): n/a
Git commit hash or branch: master
Cloud Environment: aws
Terraform version (terraform version): 0.6.14

Issue Analytics

State:
Created 7 years ago
Comments:22 (12 by maintainers)

Top GitHub Comments

1reaction

distributorofpaincommented, May 19, 2016

I might be missing something… we are creating docker containers with software in them that is running a tomcat instance or java instance that uses a certificate. When i spin them up in marathon, how are these changes going to allow that to work? right now, we are putting the mantl general cert in the containers and rebuilding them. Is that fix working outside the container? Also, to apply, do i have to recreate the environment( justy verifying )? I am still trying to figure out the internals of this setup 😃

0reactions

langston-barrettcommented, Jun 7, 2016

@distributorofpain Please open another issue or find me on Gitter if you’d like to discuss further!