Remove single quotes in TLS Creation #536

stokkie90 · 2020-07-10T08:50:26Z

When enabling TLS got the following error in the consul-server-acl-init Job:

2020-07-10T08:48:47.070317259Z 2020-07-10T08:48:47.070Z [ERROR] Failure: calling /agent/self to get datacenter: err="Get "https://consul-server-0.consul-server.consul.svc:8501/v1/agent/self": x509: certificate is valid for consul-server, *.consul-server, '*.consul-server.consul', '*.consul-server.consul.svc', *.server.dc1.consul, server.dc1.consul, localhost, not consul-server-0.consul-server.consul.svc"
2020-07-10T08:48:47.07034817Z 2020-07-10T08:48:47.070Z [INFO]  Retrying in 1s

After digging in, I noticed the Cert that is being generated contains single quotes. and that's why it wont match.

DNS Name: consul-server
DNS Name: *.consul-server
DNS Name: '*.consul-server.consul'  <------------
DNS Name: '*.consul-server.consul.svc'  <------------
DNS Name: *.server.dc1.consul
DNS Name: server.dc1.consul
DNS Name: localhost
IP Address: 127.0.0.1

hashicorp-cla · 2020-07-10T08:50:28Z

All committers have signed the CLA.

lkysow · 2020-07-10T17:46:44Z

Thanks! I've merged this with #538

Remove single quotes in TLS Creation

dda0f68

lkysow added the bug Something isn't working label Jul 10, 2020

lkysow mentioned this pull request Jul 10, 2020

Fix bug with quotes in the DNS SAN for server tls certs #538

Merged

lkysow closed this Jul 10, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove single quotes in TLS Creation #536

Remove single quotes in TLS Creation #536

stokkie90 commented Jul 10, 2020

hashicorp-cla commented Jul 10, 2020 •

edited

Loading

lkysow commented Jul 10, 2020

Remove single quotes in TLS Creation #536

Remove single quotes in TLS Creation #536

Conversation

stokkie90 commented Jul 10, 2020

hashicorp-cla commented Jul 10, 2020 • edited Loading

lkysow commented Jul 10, 2020

hashicorp-cla commented Jul 10, 2020 •

edited

Loading