[GitHub] [apisix] anjia0532 commented on issue #4514: bug: nacos fetch instance list got error

Fri, 02 Jul 2021 00:13:42 -0700 


anjia0532 commented on issue #4514:
URL: https://github.com/apache/apisix/issues/4514#issuecomment-872775431


   Use `curl -v https://nacos.xxx.xxx` to get Key Point info `successfully set 
certificate verify locations: CAfile: /etc/ssl/certs/ca-certificates.crt`
   
   Config lua_ssl_trusted_certificate  to /etc/ssl/certs/ca-certificates.crt 
and restart apisix
   
![image](https://user-images.githubusercontent.com/15098916/124235397-c1789c00-db47-11eb-9756-84144528d982.png)
   
   same error again.
   
![image](https://user-images.githubusercontent.com/15098916/124235441-cfc6b800-db47-11eb-93b4-c376b70906e5.png)
   
   
   ```
   curl -v https://nacos.xxx.xxx
   
   *   Trying 192.168.32.204:443...
   * Connected to nacos.xxx.xxx (192.168.32.204) port 443 (#0)
   * ALPN, offering h2
   * ALPN, offering http/1.1
   * successfully set certificate verify locations:
   *  CAfile: /etc/ssl/certs/ca-certificates.crt
   *  CApath: none
   * TLSv1.3 (OUT), TLS handshake, Client hello (1):
   * TLSv1.3 (IN), TLS handshake, Server hello (2):
   * TLSv1.2 (IN), TLS handshake, Certificate (11):
   * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
   * TLSv1.2 (IN), TLS handshake, Server finished (14):
   * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
   * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
   * TLSv1.2 (OUT), TLS handshake, Finished (20):
   * TLSv1.2 (IN), TLS handshake, Finished (20):
   * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
   * ALPN, server accepted to use h2
   * Server certificate:
   *  subject: CN=xxx.xxx
   *  start date: Jun 22 08:48:18 2021 GMT
   *  expire date: Sep 20 08:48:17 2021 GMT
   *  subjectAltName: host "nacos.xxx.xxx" matched cert's "*.xxx.xxx"
   *  issuer: C=US; O=Let's Encrypt; CN=R3
   *  SSL certificate verify ok.
   * Using HTTP2, server supports multi-use
   * Connection state changed (HTTP/2 confirmed)
   * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: 
len=0
   * Using Stream ID: 1 (easy handle 0x7f03d28aca90)
   > GET / HTTP/2
   > Host: nacos.xxx.xxx
   > user-agent: curl/7.77.0
   > accept: */*
   > 
   * Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
   < HTTP/2 404 
   < date: Fri, 02 Jul 2021 07:07:40 GMT
   < content-type: text/html;charset=utf-8
   < content-length: 431
   < vary: Accept-Encoding
   < content-language: en
   < server: BWS/1.1
   ````


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to