yuweizzz commented on issue #10309: URL: https://github.com/apache/apisix/issues/10309#issuecomment-1966146293
> it's a self signed certificate,the error still exist.i thought apisix can't get the ocsp url from the certificate if you signed by private key directly like this, this plugins may not work: ``` openssl x509 -req -sha256 -days 365 -in x509.csr -signkey key.pri -out x509.crt ... ``` to make it works, the output certificate needs to signed by CA certificate like: ``` openssl x509 -req -sha256 -days 365 -in x509.csr -CA ca.crt -CAkey ca.pri -out x509.crt ... ``` and combine x509.crt and CA.crt. hope this will be helped. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
