tls

curl or libcurl: SSL certificate problem: unable to get local issuer certificate

curl, or an application that uses libcurl, may have a problem with an SSL certificate that works fine when using a web browser to access the same URL. Typical error output from curl looks like this: $ curl -v https://my-subdomain.mysecuresite.com Trying xxx.xxx.xxx.xxx:443… TCP_NODELAY set Connected to my-subdomain.mysecuresite.com (xxx.xxx.xxx.xxx) port 443 (#0) ALPN, offering h2 ALPN, …

curl or libcurl: SSL certificate problem: unable to get local issuer certificate Read More »

openssl unable to read/load/import SSL private key from GoDaddy

openssl is the standard open-source, command-line tool for manipulating SSL/TLS certificates on Linux, MacOS, and other UNIX-like systems. I recently ran into an interesting problem using openssl to convert a private key obtained from GoDaddy. Someone else used GoDaddy’s “wizard” interface to generate a certificate signing request (CSR) and private key, and saved the files …

openssl unable to read/load/import SSL private key from GoDaddy Read More »

Creating Kubernetes Secrets Using TLS/SSL as an Example

Creating Kubernetes secrets isn’t intuitive the first time you do it. A common reason to use a secret is to add a SSL/TLS certificate to a cluster. Kubernetes provides two ways to add a secret: directly on the command line, and from a YAML source file. First, let’s generate a test certificate to work with …

Creating Kubernetes Secrets Using TLS/SSL as an Example Read More »