[GitHub] [apisix] tzssangglass commented on issue #6418: bug: apisix failed to verify the validity of the server certificate
tzssangglass commented on issue #6418: URL: https://github.com/apache/apisix/issues/6418#issuecomment-1213313531 > 我了解,但这样的话只能配置一个ca证书,如果有多个上游,并且多个上游使用不同的ca证书进行签发,这里只能满足配置一个。 We can use this way: https://github.com/apache/apisix/blob/master/docs/zh/latest/certificate.md#%E8%AE%BE%E7%BD%AE%E5%A4%9A%E4%B8%AA-ca-%E8%AF%81%E4%B9%A6 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #6418: bug: apisix failed to verify the validity of the server certificate
tzssangglass commented on issue #6418: URL: https://github.com/apache/apisix/issues/6418#issuecomment-1212885278 > 在upstream中只配置了client_cert和client_key,却没有client_ca字段, IMO, The CA certificate used for the mTLS connection between APISIX and upstream is ```yaml apisix: ssl: ssl_trusted_certificate: /path/to/certs/ca-certificates.crt ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
