Error when running x509 library When calling the .net library, the error is reported as follows. ” at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)\r\\ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)\r\ n at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)\r\\ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)\ r\\ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)\r\\ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)\ […]
Tag: x509
Java uses X509Certificate to get certificate details
Java uses X509Certificate to obtain certificate details Scene ? We use various certificates when developing encryption-related projects, and the certificate files end with the .cer suffix. Double-click to open and you can see the detailed information of the certificate, including version, serial number, signature algorithm, issuer, user, validity period, public key and other information. So […]
OpenSSL – x509 certificate information extraction
1. python-x509 certificate information extraction class X509Cert: cert_type = OpenSSL.crypto.FILETYPE_PEM cert_fun = OpenSSL.crypto.load_certificate @classmethod def get_parse_result(cls, cert_byte: bytes) -> dict: cert = cls.cert_fun(cls.cert_type, cert_byt) cert_info = dict(cert_version=cert.get_version(), cert_number=hex(cert. get_serial_number()), cert_signature_algorithm = cert.get_signature_algorithm().decode(“UTF-8”), cert_issuer=cert_issue.commonName, cert_expiry_date=f'{<!– –>parser.parse(cert.get_notBefore().decode(“UTF-8”)).strftime(“%Y-%m-%d %H: %M:%S”)} ~ ‘ f'{<!– –>parser.parse(cert.get_notAfter().decode(“UTF-8”)).strftime(“%Y-%m-%d %H:%M :%S”)}’, cert_expires = cert.has_expired(), cert_public_key_length=cert.get_pubkey().bits(), cert_pubkey_type=cert.get_pubkey().type(), cert_subject_information={<!– –>item[0].decode(“utf-8”): item[1].decode(“utf-8”) for item in cert_issue.get_components()}, […]
k8s cluster adding master node certificate etcd/peer is invalid: x509: certificate is valid for xxx,localhost,not x
Add a second master node prompt after k8s cluster initialization configuration error execution phase control-plane-prepare/certs: error creating PKI assets: failed to write or validate certificate “etcd-peer”: certificate etcd/peer is invalid: x509: certificate is valid for k8s-master01, localhost, not k8s-master02 [root@k8s-master02 pki]# kubeadm join 192.168.66.199:16443 –token abcdef.0123456789abcdef –discovery-token-ca-cert-hash sha256:e1ed0646db7a37d7c263e968aa9c0e9 bf3e068ac7fe208ea64c6c066f40b2f13 –control-plane [preflight] Running pre-flight checks [preflight] […]
[Solved] kube-api log:authentication handshake failed: x509: certificate has expired or is not yet valid
Problem Description: [root@master .kube]# kubectl get nodes The connection to the server 192.168.122.2:6443 was refused – did you specify the right host or port? [root@master ~]# docker ps |head -1 ; docker ps |grep api CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9425402ec49a 838d692cbe28 “kube-apiserver –ad…” 16 seconds ago Up 16 seconds k8s_kube-apiserver_kube-apiserver-master_kube-system_29f37e829364bd5dd2a022f9cde4d40e_139 9c00a266f9b2 […]
[Solved] The K8S certificate expires and an error is reported: Unable to connect to the server: x509: certificate has expired or is not yet valid Solution
1. Check the validity period of the certificate kubeadm certs check-expiration # See invalid is all expired [check-expiration] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -o yaml’ [check-expiration] Error reading configuration from the Cluster. Falling back to default configuration CERTIFICATE EXPIRES RESIDUAL TIME CERTIFICATE AUTHORITY EXTERNALLY MANAGED […]
[Solved] go-grpc TSL authentication solution transport: authentication handshake failed: x509 certificate relies on … …
1. Problem description: transport: authentication handshake failed: x509: certificate relies on legacy Common Name field, use SANs or temporarily enable 2. Background environment: My environment is windows go 1.17, and the linux solution to this problem is also applicable. 3. First you need to download SSL After you click on this link, you will see […]
[Solved] Compile kernel error – *** No rules to make target “debian/canonical-revoked-certs.pem”, required by “certs/x509_revocation_list”. stop.
Enter the kernel source directory open.config vim.config Delete the contents of the double quotes, keep the double quotes Save and exit! bring it on! Accept the next challenge! The article knowledge points match the official knowledge files, and you can further learn the relevant knowledge CS entry skill tree Linux entry First acquaintance with Linux6613 […]
[Solved] Compiling kernel error – *** No rules to make target “debian/canonical-certs.pem”, required by “certs/x509_certificate_list”. stop.
Open the .config file vim.config Delete the contents of the double quotes (keep the double quotes) After deleting: save and exit :wq Problem ending! bring it on! Go to challenge the next difficulty! The article knowledge points match the official knowledge files, and you can further learn related knowledge CS introductory skill tree Linux entry […]
[Solved] Error x509: cannot validate certificate for xxx because it doesn’t contain any IP SANs in k8s apply
Background After resetting a node of the previous k8s cluster and joining it to another k8s cluster, the pod reports an error after apply Get https://[xxx]:443/apis/crd.projectcalico.org/v1/clusterinformations/default: x509: cannot validate certificate for xxx because it doesn’t contain any IP SANs Reason The previous k8s environment was not cleaned up, you need to clean up /etc/cni/net.d , […]