<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hello Mik!</p>
<p>Don't worry. It works as expected.</p>
<p>The log message mentions the certificate used to secure
communication between Stork Server and Stork Agent and between
Stork Agent and Kea Control Agent. It's generated by the server
during the registration. It means that initially, it doesn't
exist. This certificate isn't used by the Stork Server to serve
the external traffic. <br>
<br>
Important notice. The generated certificate is self-signed. If you
are unhappy with it or want to use your own certificates, you can
use the Stork Tool to replace them. More info in docs
(<a class="moz-txt-link-freetext" href="https://stork.readthedocs.io/en/latest/man/stork-tool.8.html#certificates-management">https://stork.readthedocs.io/en/latest/man/stork-tool.8.html#certificates-management</a>).<br>
<br>
The " --skip-tls-cert-verification " option applies only to
communication between Stork Agent and Kea Control Agent. If it's
set, Stork Agent doesn't validate the Kea-side certificate (Kea
can use self-signed credentials).</p>
<p>Best regards<br>
Slawek<br>
</p>
<div class="moz-cite-prefix">On 01/08/2022 20:34, Mik J wrote:<br>
</div>
<blockquote type="cite"
cite="mid:541261435.7065905.1659378844026@mail.yahoo.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div class="ydp47b7d818yahoo-style-wrap"
style="font-family:Helvetica Neue, Helvetica, Arial,
sans-serif;font-size:16px;">
<div dir="ltr" data-setdir="false">
<div>OS: Openbsd 7.1<br>
<br>
Hello everyone,<br>
<br>
<div>When I start the stork agent I can see messages about
the agent not finding certificates<br>
</div>
<div dir="ltr" data-setdir="false">
<div dir="ltr" data-setdir="false">#
./backend/cmd/stork-agent/stork-agent
--listen-stork-only<br>
<div>ERRO[2022-08-01 20:25:23] caclient.go:113
open /var/lib/stork-agent/certs/ca.pem: no such file
or directory<br>
<br>
</div>
<div dir="ltr" data-setdir="false">When I start it with
the option <span>--skip-tls-cert-verification I don't
see such message</span><br>
</div>
<div dir="ltr" data-setdir="false">
<div># ./backend/cmd/stork-agent/stork-agent
--listen-stork-only --skip-tls-cert-verification<br>
<br>
</div>
<div>I don't store certificates in <span>/var/lib/stork-agent/certs/ca.pem
and in </span>the documentation for agent.env
file they only talk about certificates for REST API.</div>
<div dir="ltr" data-setdir="false">How can I add a
configuration to specify the location and the name
of ca.pem file ?</div>
<div dir="ltr" data-setdir="false"><br>
</div>
<div dir="ltr" data-setdir="false">Thank you<br>
</div>
<div dir="ltr" data-setdir="false">
<div><br>
</div>
</div>
</div>
</div>
<div><br>
</div>
</div>
</div>
<div><br>
</div>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
</body>
</html>