Boundary authentication works fine using the command below.
boundary authenticate password -login-name=jeff -password=foofoofoo -auth-method-id=ampw_hJhJKR7YSW
Authentication information:
  Account ID: apw_M6ZtEOGaVh
  Auth Method ID: ampw_hJhJKR7YSW
  Expiration Time: Thu, 11 Mar 2021 16:11:03 JST
  Token: at_zZgCxVE62v_s1DyENSEDpWRqV2qGw3rtKFNiqZL7v6zFs3vYdsYCjo9bJUbehtGrLNB18gBcMqMsdcbxP4QJ3f4ipQqsgZngfFnn4JWuSofAqgbSM3S
  User ID: u_imVcjXxKwO
However, using the command
boundary connect ssh -target-id ttcp_jQ6THiE5a6
to connect to the target causes the WebSocket dial error.
Error dialing the worker: failed to WebSocket dial: failed to send handshake request: Get "https://boundary-worker.dev.mydomain.cloud:9202/v1/proxy": tls: server selected unsupported protocol version 303
kex_exchange_identification: read: Connection reset by peer
Unsupported protocol version 303 seems to mean TLS 1.2 isn’t supported. However, I set
tls_disable = true on all the listeners in both the worker and controller HCL. I’m using an NLB in AWS and the TLS gets terminated at the LB. So, I can’t really understand why a TLS-related error arises.
Any suggestions or solutions?
It’s weird that the configurations regarding TLS in the Boundary Controller and the Boundary Worker are exactly the same. However, the client can successfully connect and get authenticated to the Controller without a TLS-related error, whereas it can’t successfully connect to the Worker.
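
The "303" in the error above is the hexadecimal protocol version 0x0303 (TLS 1.2) that the answering endpoint put in its ServerHello. The Go sketch below is an added example, not part of the original post and not Boundary's code: it extracts the selected version from a raw ServerHello record and compares it with a client minimum. The helper `sampleHello`, the sample bytes and the TLS 1.3 minimum are constructed assumptions for illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// selectedVersion returns the version chosen in a raw ServerHello record: the
// supported_versions extension (0x002b) if present, else legacy_version.
func selectedVersion(rec []byte) (uint16, error) {
	if len(rec) < 44 || rec[0] != 0x16 || rec[5] != 0x02 {
		return 0, fmt.Errorf("not a complete ServerHello record")
	}
	b := rec[9:]                         // skip record (5) and handshake (4) headers
	legacy := binary.BigEndian.Uint16(b) // stays 0x0303 even when TLS 1.3 is chosen
	skip := 35 + int(b[34]) + 3          // version, random, session id, suite, compression
	if len(b) < skip+2 {
		return legacy, nil // no extensions block
	}
	ext := b[skip+2:] // extensions run to the end of the record
	for len(ext) >= 4 {
		n := int(binary.BigEndian.Uint16(ext[2:]))
		if len(ext) < 4+n {
			return 0, fmt.Errorf("truncated extension")
		}
		if binary.BigEndian.Uint16(ext) == 0x002b && n == 2 {
			return binary.BigEndian.Uint16(ext[4:]), nil
		}
		ext = ext[4+n:]
	}
	return legacy, nil
}

// sampleHello builds a constructed ServerHello (zero random, empty session id).
func sampleHello(legacy uint16, exts ...byte) []byte {
	body := append([]byte{byte(legacy >> 8), byte(legacy)}, make([]byte, 33)...)
	body = append(append(body, 0x13, 0x01, 0x00, 0, byte(len(exts))), exts...)
	hdr := []byte{0x16, 3, 3, 0, byte(len(body) + 4), 0x02, 0, 0, byte(len(body))}
	return append(hdr, body...)
}

func main() {
	const clientMin = 0x0304 // assumption: this client accepts TLS 1.3 only
	for _, rec := range [][]byte{sampleHello(0x0303), sampleHello(0x0303, 0, 0x2b, 0, 2, 3, 4)} {
		v, err := selectedVersion(rec)
		fmt.Printf("server selected %x, accepted=%v, err=%v\n", v, v >= clientMin, err)
	}
}
```

Running the same comparison against the ServerHello captured from each hop (load balancer listener versus worker listener) shows which endpoint is actually answering the TLS handshake.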