I've just activated certificates on my radosgw, and the manager is unable to talk to it.
On the manager logs, I see:
2021-04-23T15:05:03.917+0200 7f4109309700 0 [dashboard ERROR urllib3.connection] Certificate did not match expected hostname: XXX Certificate: {...)}
2021-04-23T15:05:03.918+0200 7f4109309700 0 [dashboard ERROR exception] Internal Server Error
Traceback (most recent call last):
File "/lib/python3.6/site-packages/urllib3/connectionpool.py", line 600, in urlopen
chunked=chunked)
File "/lib/python3.6/site-packages/urllib3/connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "/lib/python3.6/site-packages/urllib3/connectionpool.py", line 839, in _validate_conn
conn.connect()
File "/lib/python3.6/site-packages/urllib3/connection.py", line 364, in connect
_match_hostname(cert, self.assert_hostname or server_hostname)
File "/lib/python3.6/site-packages/urllib3/connection.py", line 374, in _match_hostname
match_hostname(cert, asserted_hostname)
File "/lib64/python3.6/ssl.py", line 287, in match_hostname
% (hostname, ', '.join(map(repr, dnsnames))))
ssl.CertificateError: hostname 'SOMEIP' doesn't match either of 'XXX'
So the manager is communicating to the gateway using the IP. So I configured the names in ceph.conf:
[client.radosgw.ID]
rgw_data = /data/ceph/data/radosgw/$cluster.ID
log_file = /data/ceph/logs/$cluster-radosgw.ID.log
rgw_frontends = "beast ssl_endpoint=0.0.0.0:443 ssl_certificate=/data/ceph/conf/ceph.crt ssl_private_key=/data/ceph/conf/ceph.key"
rgw_dns_name = XXX
But it's seems that the line rgw_dns_name is not used by the manager. Where does it resolve the name to use for the connection ?
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
