singhajitk opened a new issue, #11114: URL: https://github.com/apache/apisix/issues/11114
### Description Getting tlsv1 alert internal error when using ApisixTls by following the link https://apisix.apache.org/docs/ingress-controller/concepts/apisix_tls/ Error: * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS alert, internal error (592): * error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error * Closing connection 0 curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error ### Environment Hi @shreemaan-abhishek, I am getting ssl error while making curl call to ssl enable upstream. I have configured ApisixTls for the upstream SNI. For the below ApisixTls configuration, We have followed the documentation https://github.com/apache/apisix-ingress-controller/blob/master/docs/en/latest/tutorials/manage-certificates-with-cert-manager.md but still getting ssl error ``` apiVersion: apisix.apache.org/v2 kind: ApisixTls metadata: name: my-tls spec: hosts: - <host url> secret: name: app-secret namespace: default client: caSecret: name: app-ca-secret namespace: default depth: 10 ``` Error: * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS alert, internal error (592): * error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error * Closing connection 0 curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error APISIX deployment info: APISIX version : - 3.8.0 Operating system : Linux apisix-647b4867df-79542 5.4.0-136-generic test: only check part of schema. #153~18.04.1-Ubuntu SMP Wed Nov 30 15:47:57 UTC 2022 x86_64 GNU/Linux OpenResty / Nginx version (run openresty -V or nginx -V): nginx version: openresty/1.21.4.2 built by gcc 10.2.1 20210110 (Debian 10.2.1-6) built with OpenSSL 3.2.0 23 Nov 2023 TLS SNI support enabled APISIX Dashboard version, if relevant: 3.0.0 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
