Attempting to configure the S3 backup of etcd to use on-prem EMC-ECS (with self-signed certs). After configuration setup in Rancher v2.3.2 receive error
Unable to validate S3 backup target configration: Head h t t p s / / <my-S3-servername.mydomain.com:9021/mybucket/: remote error: tls: handshake failure
Using curl command from host and inside tenant get valid responses.
curl -vvI -s -H “x-emc-namespace: mynamespace” h t t p s ://myecsserver.com:9021/mynamespace* Trying 10.224.243.61…
- TCP_NODELAY set
- Connected to myecsserver.com (10.224.243.61) port 9021 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- successfully set certificate verify locations:
- CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/rancher/ssl - TLSv1.3 (OUT), TLS handshake, Client hello (1):
- TLSv1.3 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS handshake, Finished (20):
SSL connection using TLSv1.2 / DHE-RSA-AES256-GCM-SHA384
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Wed, 08 Jan 2020 20:39:32 GMT
Date: Wed, 08 Jan 2020 20:39:32 GMT
< Server: ViPR/1.0
Server: ViPR/1.0
< x-amz-request-id: 0ae0f33d:16f80dc62fc:1875:a4
x-amz-request-id: 0ae0f33d:16f80dc62fc:1875:a4
< x-amz-id-2: 59b7d4834839444c37c38b3565acfbb0c6ef61da9d7ef7f8ea4681c063ebdff2
x-amz-id-2: 59b7d4834839444c37c38b3565acfbb0c6ef61da9d7ef7f8ea4681c063ebdff2
< x-emc-retention-period: 0
x-emc-retention-period: 0
< Content-Length: 0
Content-Length: 0