You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am registering a grpc service on consul with grpc health check. My service runs on self signed tls certificate and hence I want health check to skip cert verification and as documented, I used tls_skip_verify=true in this registration request but it has no effect, health check keeps on failing with error 'certificate signed by unknown authority'.
I am using latest version of consul.
here is the sample json payload which I use to register service to consul. { 'id': 'test', 'name': 'test', 'address': 'host ip here', 'port': 6666, 'check': { 'name': 'xyz-check', 'grpc': '127.0.0.1:6666', 'grpc_use_tls': true, 'tls_skip_verify': true, 'interval': '10s' }, 'enable_tag_override': false, 'meta': { 'maxCapacity': 10, 'availableCapacity': 10, 'usesTls': true' }, 'tags': [ 'test' ] }
Reproduction Steps
Use latest version of consul and register check for a grpc secure service where in service is running on self signed certificate. use skip_cert_verify=true to skip cert verification but it will be ignored.
Overview of the Issue
I am registering a grpc service on consul with grpc health check. My service runs on self signed tls certificate and hence I want health check to skip cert verification and as documented, I used tls_skip_verify=true in this registration request but it has no effect, health check keeps on failing with error 'certificate signed by unknown authority'.
I am using latest version of consul.
here is the sample json payload which I use to register service to consul.
{ 'id': 'test', 'name': 'test', 'address': 'host ip here', 'port': 6666, 'check': { 'name': 'xyz-check', 'grpc': '127.0.0.1:6666', 'grpc_use_tls': true, 'tls_skip_verify': true, 'interval': '10s' }, 'enable_tag_override': false, 'meta': { 'maxCapacity':
10, 'availableCapacity':
10, 'usesTls': true' }, 'tags': [ 'test' ] }
Reproduction Steps
Use latest version of consul and register check for a grpc secure service where in service is running on self signed certificate. use skip_cert_verify=true to skip cert verification but it will be ignored.
Consul info for both Client and Server
Client info
Operating system and Environment details
Linux #50~20.04.1-Ubuntu SMP x86_64 x86_64 x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered: