Trying to do a curl from a kubernetes pod by exec-ing into it and I see the below error. Both server and client have the certs imported into their truststore/keystore.
bash-4.4$ curl -v --cert tls.crt --key tls.key --cacert ca.crt https://<host>:9090/api/tks
* Trying ....
* TCP_NODELAY set
* Connected to <host> port 9090 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: ca.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self signed certificate
* Closing connection 0
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Server logs for the same request are as below. Not sure if they are related, and also it seems like the protocol is not same for both server and client.
SSL handshake failed: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) (UNKNOWN)
