mkcert icon indicating copy to clipboard operation
mkcert copied to clipboard
verified publisher icon FiloSottile

Shared CN in CA and server certs

Open whorvath2 opened this issue 3 years ago • 0 comments

Environment

  • Operating system (including version): podman container (base image is Python: 3.9)
  • mkcert version (from mkcert -version): 1.4.4
  • Server (where the certificate is loaded): localhost:4336
  • Client (e.g. browser, CLI tool, or script): localhost:3386

What you did

mkcert identifier.local identifier localhost 0.0.0.0 127.0.0.1 ::1

What went wrong

2022/07/01 00:36:24 [info] 4#4: *1 SSL_do_handshake() failed (SSL: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:SSL alert number 48) while SSL handshaking, client: 127.0.0.1, server: 0.0.0.0:443

I'm running two independent services inside of a podman pod; the client referenced in the error message talks to the server for data IO. I've already solved a few different problems related to installing the root CA as trusted on the client.

Research suggests this is the root cause of this particular problem.

What do you think?

whorvath2 avatar Jul 01 '22 16:07 whorvath2