sccblue opened a new issue, #9003: URL: https://github.com/apache/apisix/issues/9003
### Current Behavior 在dashboard上传证书后,apisix能自行找到https证书并处理https请求 但是,当运行apisix(traditional mode)的pod全部被重启过一遍后(可以让deployment副本数为1,即只运行一个pod,然后kubectl delete pod),待新pod起来后,http请求可以正常转发,https请求会报错 failed to find any SSL certificate by SNI 用户自行修复的方式:进入dashboard控制台-证书。在“证书列表“中的所有证书删除再次删除,即可恢复(全部域名都需要操作一次) ### Expected Behavior 不要出现该问题 ### Error Logs _No response_ ### Steps to Reproduce 在dashboard上传证书后,apisix能自行找到https证书并处理https请求 但是,当运行apisix(traditional mode)的pod全部被重启过一遍后(可以让deployment副本数为1,即只运行一个pod,然后kubectl delete pod),待新pod起来后,http请求可以正常转发,https请求会报错 failed to find any SSL certificate by SNI 用户自行修复的方式:进入dashboard控制台-证书。在“证书列表“中的所有证书删除再次删除,即可恢复(全部域名都需要操作一次) ### Environment - APISIX version (run `apisix version`):2.15.1 2.15.2 - Operating system (run `uname -a`):5.4.0-1065-gke #68-Ubuntu SMP Wed Mar 2 14:58:37 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux (从官方下载的docker pull apache/apisix:2.15.2-centos docker pull apache/apisix:2.15.1-centos) - - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): - nginx version: openresty/1.21.4.1 built by gcc 9.3.1 20200408 (Red Hat 9.3.1-2) (GCC) built with OpenSSL 1.1.1n 15 Mar 2022 (running with OpenSSL 1.1.1s 1 Nov 2022) TLS SNI support enabled configure arguments: --prefix=/usr/local/openresty/nginx --with-cc-opt='-O2 -DAPISIX_BASE_VER=1.21.4.1.3 -DNGX_GRPC_CLI_ENGINE_PATH=/usr/local/openresty/libgrpc_engine.so -DNGX_HTTP_GRPC_CLI_ENGINE_PATH=/usr/local/openresty/libgrpc_engine.so -DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/zlib/include -I/usr/local/openresty/pcre/include -I/usr/local/openresty/openssl111/include' --add-module=../ngx_devel_kit-0.3.1 --add-module=../echo-nginx-module-0.62 --add-module=../xss-nginx-module-0.06 --add-module=../ngx_coolkit-0.2 --add-module=../set-misc-nginx-module-0.33 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.09 --add-module=../srcache-nginx-module-0.32 --add-module=../ngx_lua-0.10.21 --add-module=../ngx_lua_upstream-0.07 --add-module=../headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.19 --add-module=../redis2-nginx-module-0.15 --add-module=../redis-nginx-module-0.3.9 --ad d-module=../ngx_stream_lua-0.0.11 --with-ld-opt='-Wl,-rpath,/usr/local/openresty/luajit/lib -Wl,-rpath,/usr/local/openresty/wasmtime-c-api/lib -L/usr/local/openresty/zlib/lib -L/usr/local/openresty/pcre/lib -L/usr/local/openresty/openssl111/lib -Wl,-rpath,/usr/local/openresty/zlib/lib:/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl111/lib' --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../mod_dubbo-1.0.2 --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../ngx_multi_upstream_module-1.1.1 --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../apisix-nginx-module-1.11.0 --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../apisix-nginx-module-1.11.0/src/stream --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../apisix-nginx-module-1.11.0/src/meta --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../wasm-nginx-module-0.6.4 --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../lua-var-nginx-module-v0.5.3 --add-module=/tmp/tmp.Xhr2NIouwg/openresty-1.21.4.1/../grp c-client-nginx-module-v0.3.1 --with-poll_module --with-pcre-jit --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_v2_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_auth_request_module --with-http_secure_link_module --with-http_random_index_module --with-http_gzip_static_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-threads --with-compat --with-stream --with-http_ssl_module - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): {"etcdserver":"3.5.7","etcdcluster":"3.5.0"} - - APISIX Dashboard version, if relevant: docker pull apache/apisix-dashboard:3.0.0-centos - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
