[Bugs] [Bug 1657398] New: Unable to mount with custom certificate file
bugzilla at redhat.com
bugzilla at redhat.com
Fri Dec 7 21:53:44 UTC 2018
https://bugzilla.redhat.com/show_bug.cgi?id=1657398
Bug ID: 1657398
Summary: Unable to mount with custom certificate file
Product: GlusterFS
Version: 4.1
Component: transport
Severity: high
Assignee: bugs at gluster.org
Reporter: jamesiarmes at gmail.com
CC: bugs at gluster.org
Created attachment 1512678
--> https://bugzilla.redhat.com/attachment.cgi?id=1512678&action=edit
Log file when the default cert file does not exist.
Description of problem:
Mounting gluster with custom cert fails when the cert does not also exist at
the default path.
We're trying to mount multiple file systems on a system, each one with it's own
client certificate. We should be able to do so with the
"transport.socket.ssl-own-cert" option (we'll also want to set the ca list and
private key, but we're starting with the cert to make sure we can actually
configure it).
When we mount using the option, it fails with "could not load our cert at
/etc/ssl/glusterfs.pem." However, if the default cert is in place but the one
we specify isn't, it fails with "could not load our cert at
/etc/ssl/backup.pem" (the path of the custom cert). If both certs are in place
in succeeds.
The command I'm running is mount -t HOST:gluster-volume -o
"server-port=49152,xlator-option=*client*.transport.socket.ssl-own-cert=/etc/ssl/backup.pem"
/mnt/jarmes
Version-Release number of selected component (if applicable): 4.1.5
How reproducible: consistently
Steps to Reproduce:
1. Configure volume with SSL.
2. Attempt to mount with a custom path to the cert file.
Actual results:
Mount fails unless both the default and custom cert exist.
Expected results:
Mount succeeds with custom cert only.
Additional info:
I've set the severity to high as we are blocked on this.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the Bugs
mailing list