generate_cert icon indicating copy to clipboard operation
generate_cert copied to clipboard
verified publisher icon SvenDowideit

Swarm Compatibility

Open ghost opened this issue 10 years ago • 0 comments

@SvenDowideit I have no problem using this to connect my client to a remote daemon but connecting the swarm master to swarm nodes does not seem to work.

Swarm Master:

time="2015-05-07T13:48:42Z" level=error msg="Get https://192.168.1.71:2376/v1.15/info: remote error: handshake failure"

Swarm node:

May 07 13:43:58 localhost docker[1057]: 2015/05/07 13:43:58 http: TLS handshake error from 192.168.1.20:60964: tls: client's certificate's extended key usage doesn't permit it to be used for client authentication

From offical docs:

Swarm supports TLS authentication between the CLI and Swarm but also between Swarm and the Docker nodes. However, all the Docker daemon certificates and client certificates must be signed using the same CA-certificate.

Swarm certificates must be generated with extendedKeyUsage = clientAuth,serverAuth

ghost avatar May 07 '15 14:05 ghost