2020-02-15 00:21:49 UTC - Rodric Rabbah: controller logs are your friend in this case https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581726109032800?thread_ts=1581717463.032700&cid=C3TPCAQG1 ---- 2020-02-15 01:01:37 UTC - Tom Barber: ```* Expire in 200 ms for 4 (transfer 0x560adbc107a0) * Connected to owdev-nginx.openwhisk.svc.cluster.local (10.100.172.80) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * error:1408F10B:SSL routines:ssl3_get_record:wrong version number * Closing connection 0 curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number bash-4.4# curl -vvv <https://owdev-nginx.openwhisk.svc.cluster.local/api/v1/namespaces/guest/actions/>``` https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581728497033200 ---- 2020-02-15 01:01:48 UTC - Tom Barber: anyone ever come across any weird SSL errors? https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581728508033500 ---- 2020-02-15 01:06:22 UTC - Tom Barber: ```bash-4.4# echo | openssl s_client -showcerts -servername <http://gnupg.org|gnupg.org> -connect owdev-nginx.openwhisk.svc.cluster.local:443 2>/dev/null | openssl x509 -inform pem -noout -text unable to load certificate 140070937697128:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE``` https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581728782033900 ---- 2020-02-15 01:06:43 UTC - Tom Barber: it would appear that its not serving an SSL cert but the hosts environment variable is handing over an https url https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581728803034600 ---- 2020-02-15 01:22:17 UTC - Tom Barber: I've imported an AWS generated certificate into the k8s service, so that the https external requests work fine https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581729737036900 ---- 2020-02-15 01:22:21 UTC - Tom Barber: which they do https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581729741037200 ---- 2020-02-15 01:22:46 UTC - Tom Barber: but it looks like the internal requests are now very sad, but its like its not even hitting the right endpoint or something https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581729766037800 ---- 2020-02-15 01:22:50 UTC - Tom Barber: ...weird https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581729770038100 ---- 2020-02-15 11:48:59 UTC - Tom Barber: bleh using the nginx service either the external routes work https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581767339038600 ---- 2020-02-15 11:49:05 UTC - Tom Barber: or the internal routes work https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581767345039000 ---- 2020-02-15 11:49:08 UTC - Tom Barber: but not both https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581767348039200 ---- 2020-02-15 11:49:10 UTC - Tom Barber: :exploding_head: https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1581767350039400 ----
