Not able to configure SSL authentication


#1

Facing below error

{"component":"sensu-etcd","error":"error creating backend ID: error granting lease: context canceled","level":"error","msg":"error generating backend ID","time":"2018-11-09T11:01:24-05:00"}

WARNING: 2018/11/09 11:01:24 grpc: Server.processUnaryRPC failed to write status: connection error: desc = "transport is closing"

WARNING: 2018/11/09 11:01:24 grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: Error while dialing dial tcp 127.0.0.1:2379: operation was canceled"; Reconnecting to {127.0.0.1:2379 0 <nil>}

WARNING: 2018/11/09 11:01:24 grpc: addrConn.transportMonitor exits due to: grpc: the connection is closing

WARNING: 2018/11/09 11:01:24 grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: Error while dialing dial tcp 127.0.0.1:2379: connect: connection refused"; Reconnecting to {127.0.0.1:2379 0 <nil>}

WARNING: 2018/11/09 11:01:24 grpc: addrConn.transportMonitor exits due to: grpc: the connection is closing

WARNING: 2018/11/09 11:01:24 grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: Error while dialing dial tcp 127.0.0.1:2379: connect: connection refused"; Reconnecting to {127.0.0.1:2379 0 <nil>}

{"component":"etcd","level":"warning","msg":"simple token is not cryptographically signed","pkg":"auth","time":"2018-11-09T11:01:25-05:00"}

Backend yml is mentioned below

Configuration

---

##

# general configuration

##

state-dir: "/var/lib/sensu"

##

# agent configuration

##

agent-host: <IP> # listen on all IPv4 and IPv6 addresses

agent-port: 8081

##

# api configuration

##

api-host: 127.0.0.1 # listen on all IPv4 and IPv6 addresses

api-port: 8080

##

# ssl configuration

##

cert-file: "/etc/sensu/ssl/cert.pem"

key-file: "/etc/sensu/ssl/key"

trusted-ca-file: "/etc/sensu/ssl/cacerts/Citi_DEVELOPMENT_chain.pem"

#insecure-skip-tls-verify: false

##

# store configuration

##

#etcd-listen-client-urls: ""

#etcd-listen-peer-urls: ""

#etcd-initial-cluster: ""

#etcd-initial-advertise-peer-urls: ""

#etcd-initial-cluster-state: ""

#etcd-initial-cluster-token: ""

#etcd-name: ""

##

# dashboard configuration

##

#dashboard-host: "[::]" # listen on all IPv4 and IPv6 addresses

dashboard-port: 3000

##

# other

##

#cache-dir: "/var/cache/sensu/sensu-backend"

#config-file: ""

#debug: false

#deregistration-handler: ""

#log-level: "warn"

#2

Hello again @balajik515 :slight_smile:

It looks like the pasted configuration and logs have a lot of HTML artifacts (e.g. ") but from what I can see, your path to your key-file doesn’t seem right. Make sure it points to a PEM file!


#3

@palourde that may be a result of my adding ``` to the code to make it a bit more readable. @balajik515 can you paste the config in again, but ensure that you’ve surrounded the example with ``` ?