[ https://issues.apache.org/jira/browse/FLINK-22126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17319964#comment-17319964 ]
Robert Metzger commented on FLINK-22126: ---------------------------------------- Mh, could this be the same issue? http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/Received-fatal-alert-certificate-unknown-td27851.html > when i set ssl ,the jobmanager got certificate_unknown exception > ---------------------------------------------------------------- > > Key: FLINK-22126 > URL: https://issues.apache.org/jira/browse/FLINK-22126 > Project: Flink > Issue Type: Bug > Components: Runtime / Coordination > Reporter: tonychan > Priority: Major > Attachments: image-2021-04-07-09-26-16-490.png, > image-2021-04-07-09-26-21-958.png > > > !image-2021-04-07-09-26-21-958.png! > my setup as below: > > keytool -genkeypair -alias ca -keystore ca.keystore -dname "CN=ART002" > -storepass ca_keystore_password -keyalg RSA -keysize 4096 -ext "bc=ca:true" > -storetype PKCS12 > keytool -exportcert -keystore ca.keystore -alias ca -storepass > ca_keystore_password -file ca.cer > keytool -importcert -keystore ca.truststore -alias ca -storepass > ca_truststore_password -file ca.cer -noprompt > > keytool -genkeypair -alias flink.rest -keystore rest.signed.keystore -dname > "CN=ART002" -ext "SAN=dns:ART002" -storepass rest_keystore_password -keyalg > RSA -keysize 4096 -storetype PKCS12 > keytool -certreq -alias flink.rest -keystore rest.signed.keystore -storepass > rest_keystore_password -file rest.csr > keytool -gencert -alias ca -keystore ca.keystore -storepass > ca_keystore_password -ext "SAN=dns:ART002,ip:*.*0.145.92" -infile rest.csr > -outfile rest.cer > keytool -importcert -keystore rest.signed.keystore -storepass > rest_keystore_password -file ca.cer -alias ca -noprompt > keytool -importcert -keystore rest.signed.keystore -storepass > rest_keystore_password -file rest.cer -alias flink.rest -noprompt > > > security.ssl.rest.enabled: true > security.ssl.rest.keystore: /data/flink/flink-1.11.2/ssl/rest.signed.keystore > security.ssl.rest.truststore: /data/flink/flink-1.11.2/ssl/ca.truststore > security.ssl.rest.keystore-password: rest_keystore_password > security.ssl.rest.key-password: rest_keystore_password > security.ssl.rest.truststore-password: ca_truststore_password > > > > > > > -- This message was sent by Atlassian Jira (v8.3.4#803005)