Open
Description
I followed the steps at https://chaos-mesh.org/docs/simulate-http-chaos-on-kubernetes/#tls to generate the files server.key, server.crt and ca.crt, which are stored in the directory /usr/local.
All my operations were carried out on the same virtual machine, node1.
My server.ext file's content is like this:

```
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = *.baidu.com
```
My tproxy config file is named tls.yaml, and its content is like this:

```yaml
proxy_ports: [80,443]
rules:
  - target: Request
    selector:
      path: /sugrec
    actions:
      delay: 60s
tls:
  cert_file:
    type: Path
    value: /usr/local/server.crt
  key_file:
    type: Path
    value: /usr/local/server.key
  ca_file:
    type: Path
    value: /usr/local/ca.crt
```
When I used `./tproxy -v ./tls.yaml` to start tproxy and then invoked the https://www.baidu.com/sugrec?xxx interface, the following error occurred on the invocation side:

```
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
```
The following logs were output in tproxy.

```
2023-11-01T02:20:00.131905Z ERROR chaos_tproxy_proxy::proxy::http::server: cannot decrypt peer's message
```
Please assist in troubleshooting this, I would be greatly appreciative!
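Checks that can be run over a certificate set like the one described in this report, as an added example that is not part of the original issue or of chaos-tproxy. It builds a throwaway CA and leaf with the same server.ext; the function names and CN values are hypothetical, and it assumes OpenSSL 1.1.0 or later with its default configuration file.

```shell
#!/bin/sh
# Added example: every key and certificate below is constructed and throwaway.

# make_chain DIR: build ca.crt, server.key and server.crt in DIR.
make_chain() {
    out=$1
    cat > "$out/server.ext" <<'EOF'
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = *.baidu.com
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-test-ca" \
        -keyout "$out/ca.key" -out "$out/ca.crt" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=constructed-leaf" \
        -keyout "$out/server.key" -out "$out/server.csr" 2>/dev/null &&
    openssl x509 -req -in "$out/server.csr" -CA "$out/ca.crt" -CAkey "$out/ca.key" \
        -CAcreateserial -days 1 -extfile "$out/server.ext" -out "$out/server.crt" 2>/dev/null
}

# verify_for_host CAFILE CERT HOST: chain and SAN check with only CAFILE trusted.
verify_for_host() {
    openssl verify -no-CApath -CAfile "$1" -verify_hostname "$3" "$2" >/dev/null 2>&1
}

# verify_untrusted CERT: the same leaf seen by a client with no trust anchors.
verify_untrusted() { openssl verify -no-CAfile -no-CApath "$1" >/dev/null 2>&1; }

# key_matches CERT KEY: the private key must carry the certificate's public key.
key_matches() {
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = "$(openssl pkey -in "$2" -pubout)" ]
}

# is_self_signed CERT: issuer and subject names hash to the same value.
is_self_signed() {
    [ "$(openssl x509 -in "$1" -noout -issuer_hash)" = "$(openssl x509 -in "$1" -noout -subject_hash)" ]
}

# Driver: exercise the checks on the constructed chain and report each result.
tmp=$(mktemp -d) && make_chain "$tmp" || exit 1
verify_for_host "$tmp/ca.crt" "$tmp/server.crt" www.baidu.com && echo "trusted with ca.crt"
verify_untrusted "$tmp/server.crt" || echo "rejected without ca.crt"
key_matches "$tmp/server.crt" "$tmp/server.key" && echo "key matches certificate"
is_self_signed "$tmp/server.crt" || echo "leaf is CA-issued, not self-signed"
rm -rf "$tmp"
```

To check real files, call the functions with their paths, for example `verify_for_host /usr/local/ca.crt /usr/local/server.crt www.baidu.com`.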