Description
Problem
There is an increase number of cases where users are running into unknown CA error. These are hard to debug. Forcing us and the user to look at all the certs and CAs being used.
Suggestion
The error message indicators where the problem is:
- The new node does not have the CAs to validate the other nodes in the cluster
- The nodes in the cluster does not have the CA to validate the the new node cert
- The CA is invalid in somewhere (i suspect this should happen on upload of the CA)
- The cert is invalid in somewhere i.e names don't match, has expired, etc (I suspect this error is already thrown back.
Attachments
Issue Links
- relates to
-
MB-54741 Improved Certificate Validation and Reporting
- Open