Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.Original topic: 组件间TLS开启后TiDB Dashboard无法访问
|
username: EricSong
[TiDB Usage Environment] Test
[TiDB Version] v6.1.0
[Reproduction Path] Refer to The Trials and Tribulations of Enabling TLS for TiDB Production Cluster - Enabling Chapter
[Encountered Issue: Problem Phenomenon and Impact]
Problem Background: Currently, there is a high-security requirement environment where all ports must enable TLS. The machines (PCs) accessing this environment can only perform basic CRUD operations and access web pages, without the ability to add trusted certificates or perform other operations involving underlying and security settings.
Problem Description: After enabling inter-component TLS via tiup, the security requirements are met, and CRUD operations can be performed. However, when accessing the Dashboard via a browser, the following prompt appears:
This site can’t provide a secure connection
10.250.X.X didn’t accept your login certificate, or you might not have provided one.
- Try contacting the system administrator.
ERR_BAD_SSL_CLIENT_AUTH_CERT
Since the certificates used between components are self-generated by tiup, they are not part of the machine’s existing trusted and used certificates. Additionally, the machine’s security restrictions prevent me from adding new certificates, making it impossible to use the Dashboard to view logs, slow SQL, and other information. Does anyone have similar experiences and solutions?
|
username: 
|
username: