xyz2b opened a new issue #4333: URL: https://github.com/apache/apisix/issues/4333
### Issue description apisix etcd do not support ca cert config, self-signed certificate verification failed `[app@VM_97_180_centos apisix]$ ./bin/apisix start --config ./conf/apisix.yaml /data/app/openresty/luajit/bin/luajit ./apisix/cli/apisix.lua start --config ./conf/apisix.yaml mv: ‘/data/app/apisix/conf/config.yaml’ and ‘/data/app/apisix/conf/config.yaml.bak’ are the same file ln: failed to create hard link ‘/data/app/apisix/conf/config.yaml’: File exists Use customized yaml: ./conf/apisix.yaml request etcd endpoint 'https://etcd01.apisix.webank.com:2379/version' error, certificate verify failed` `[app@VM_97_180_centos apisix]$ curl --cacert ./ssl/ca.pem -i https://etcd01.apisix.webank.com:2379/version HTTP/1.1 200 OK Access-Control-Allow-Headers: accept, content-type, authorization Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Origin: * Content-Type: application/json Date: Sat, 29 May 2021 02:11:15 GMT Content-Length: 45 {"etcdserver":"3.4.16","etcdcluster":"3.4.0"}` ### Environment Request help without environment information will be ignored or closed. * apisix version (cmd: `apisix version`): 2.6 * OS (cmd: `uname -a`): Linux VM_97_180_centos 3.10.0-1127.13.1.el7.x86_64 #1 SMP Tue Jun 23 15:46:38 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux * OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`): `nginx version: openresty/1.19.3.1 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/data/app/openresty/nginx --with-debug --with-cc-opt='-DNGX_LUA_USE_ASSERT -DNGX_LUA_ABORT_AT_PANIC -O2' --add-module=../ngx_devel_kit-0.3.1 --add-module=../echo-nginx-module-0.62 --add-module=../xss-nginx-module-0.06 --add-module=../ngx_coolkit-0.2 --add-module=../set-misc-nginx-module-0.32 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.08 --add-module=../srcache-nginx-module-0.32 --add-module=../ngx_lua-0.10.19 --add-module=../ngx_lua_upstream-0.07 --add-module=../headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.19 --add-module=../redis2-nginx-module-0.15 --add-module=../redis-nginx-module-0.3.7 --add-module=../rds-json-nginx-module-0.15 --add-module=../rds-csv-nginx-module-0.09 --add-module=../ngx_stream_lua-0.0.9 --with-ld-opt=-Wl,-rpath,/data/app/openresty/luajit/lib --user=app --group=apps --with-http_ssl_module --with-http_flv_module --w ith-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-http_realip_module --with-http_v2_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module` * etcd version, if have (cmd: run `curl http://127.0.0.1:9090/v1/server_info` to get the info from server-info API): * apisix-dashboard version, if have: * luarocks version, if the issue is about installation (cmd: `luarocks --version`): 3.4.0 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
