I noticed I did not run the lxc config trust add client.crt call as suggested earlier.
So I cd /root/.config/lxc lxc config trust add client.crt then lxc config trust list and got to finger prints back Next ran curl -v -k https://192.168.0.50:8443/1.0/images * Hostname was NOT found in DNS cache * Trying 192.168.0.50... * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Request CERT (13): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS alert, Server hello (2): * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate * Closing connection 0 curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate root@c5:~# Unless I am missing another config step here. Sure looks like the LDX image server is sending out bad certs into the wild. -Kevin _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
