scano_183208 avatar image
scano_183208 asked scano_183208 commented

SSL Troubles Getting a Null Cert Chain error

When i enable require_client_auth on client to node encryption I keep getting a null cert chain error. My assumption is that the certificate the client in providing to the server does not have a cert chain thus the error happening aka bad certificate.

In these types of situations what can i do as my first steps? Is there a way to see what certificate the client is providing? what the server is using to authenticate the client cert. etc.

Thank you,

10 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

bettina.swynnerton avatar image bettina.swynnerton ♦♦ commented ·

Hi @scano_183208,

would you update your question with the full error and the DSE version?

Here is the documentation on enabling client to node encryption for DSE 6.8, which might serve as a starting point for double-checking your configuration. It includes a link to detailed instructions on how to create the certificates, keystores and truststores.

0 Likes 0 ·
scano_183208 avatar image scano_183208 bettina.swynnerton ♦♦ commented ·

@Erick Ramirez @bettina.swynnerton

It says this.

  • true - Require certificate authentication for client-to-node encryption. Client certificates must be present on all nodes in the cluster.

If i created the CARoot and the keystore and truststore for the nodes via LCM where can i find the Client certificates for the nodes?

0 Likes 0 ·

1 Answer

Erick Ramirez avatar image
Erick Ramirez answered

We haven't heard back from since you posted this question. We need additional information in order to assist you.

Let us know either way if you still need help with this issue. Cheers!

10 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.