<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hello Mik!</p>
    <p>Don't worry. It works as expected.</p>
    <p>The log message mentions the certificate used to secure
      communication between Stork Server and Stork Agent and between
      Stork Agent and Kea Control Agent. It's generated by the server
      during the registration.  It means that initially, it doesn't
      exist. This certificate isn't used by the Stork Server to serve
      the external traffic. <br>
      <br>
      Important notice. The generated certificate is self-signed. If you
      are unhappy with it or want to use your own certificates, you can
      use the Stork Tool to replace them. More info in docs
(<a class="moz-txt-link-freetext" href="https://stork.readthedocs.io/en/latest/man/stork-tool.8.html#certificates-management">https://stork.readthedocs.io/en/latest/man/stork-tool.8.html#certificates-management</a>).<br>
      <br>
      The " --skip-tls-cert-verification " option applies only to
      communication between Stork Agent and Kea Control Agent. If it's
      set, Stork Agent doesn't validate the Kea-side certificate (Kea
      can use self-signed credentials).</p>
    <p>Best regards<br>
      Slawek<br>
    </p>
    <div class="moz-cite-prefix">On 01/08/2022 20:34, Mik J wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:541261435.7065905.1659378844026@mail.yahoo.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div class="ydp47b7d818yahoo-style-wrap"
        style="font-family:Helvetica Neue, Helvetica, Arial,
        sans-serif;font-size:16px;">
        <div dir="ltr" data-setdir="false">
          <div>OS: Openbsd 7.1<br>
            <br>
            Hello everyone,<br>
            <br>
            <div>When I start the stork agent I can see messages about
              the agent not finding certificates<br>
            </div>
            <div dir="ltr" data-setdir="false">
              <div dir="ltr" data-setdir="false">#
                ./backend/cmd/stork-agent/stork-agent
                --listen-stork-only<br>
                <div>ERRO[2022-08-01 20:25:23]         caclient.go:113  
                  open /var/lib/stork-agent/certs/ca.pem: no such file
                  or directory<br>
                  <br>
                </div>
                <div dir="ltr" data-setdir="false">When I start it with
                  the option <span>--skip-tls-cert-verification I don't
                    see such message</span><br>
                </div>
                <div dir="ltr" data-setdir="false">
                  <div># ./backend/cmd/stork-agent/stork-agent
                    --listen-stork-only --skip-tls-cert-verification<br>
                    <br>
                  </div>
                  <div>I don't store certificates in <span>/var/lib/stork-agent/certs/ca.pem
                      and in </span>the documentation for agent.env
                    file they only talk about certificates for REST API.</div>
                  <div dir="ltr" data-setdir="false">How can I add a
                    configuration to specify the location and the name
                    of ca.pem file ?</div>
                  <div dir="ltr" data-setdir="false"><br>
                  </div>
                  <div dir="ltr" data-setdir="false">Thank you<br>
                  </div>
                  <div dir="ltr" data-setdir="false">
                    <div><br>
                    </div>
                  </div>
                </div>
              </div>
              <div><br>
              </div>
            </div>
          </div>
          <div><br>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="moz-mime-attachment-header"></fieldset>
    </blockquote>
  </body>
</html>