Hello,
I generated SSL self-signed certificates with openssl.
I would like to use them in consul.
When I start consul, I have this error message:
WARNING: LAN keyring exists but -encrypt given, using keyring
WARNING: WAN keyring exists but -encrypt given, using keyring
bootstrap = true: do not enable unless necessary
==> Starting Consul agent...
Version: 'v1.6.2'
Node ID: 'c2bb6349-5549-7d5d-8086-bccb398a7836'
Node name: 'consul-app-dc1-01'
Datacenter: 'global' (Segment: '<all>')
Server: true (Bootstrap: true)
Client Addr: [127.0.0.1] (HTTP: 80, HTTPS: 443, gRPC: -1, DNS: 8600)
Cluster Addr: 10.20.6.11 (LAN: 8301, WAN: 8302)
Encrypt: Gossip: true, TLS-Outgoing: true, TLS-Incoming: false, Auto-Encrypt-TLS: false
==> Log data will now stream in as it occurs:
==> Error starting agent: Failed to load cert/key pair: tls: private key does not match public key
2020/01/20 13:48:56 [INFO] agent: Exit code: 1
If I check the cert with openssl:
openssl verify -CAfile ca-chain.cert.pem xxxxxx.cert.pem
dwadm.in.cert.pem: OK
Any ideas what’s wrong ?