[lxc-users] lxc exec / list: x509: certificate has expired or is not yet valid

Andrey Repin anrdaemon at yandex.ru
Thu Jun 2 13:40:25 UTC 2016


Greetings, Tomasz Chmielewski!

> On 2016-06-02 21:09, Tomasz Chmielewski wrote:
>> Not sure what's the procedure for this one:
>> 
>> # lxc list
>> error: Get https://10.0.0.1:8443/1.0/containers?recursion=1: x509:
>> certificate has expired or is not yet valid

> Apparently LXD sets up a certificate with 1 year validity when 
> installed, but provides no mechanism to automatically update it. And can 
> be a big surprise after a year :|

> Also, don't see the CSR file there?

> So... what is the correct procedure to update the certificate on LXD 
> server and make sure it's still accepted by LXD clients?

I would go a long route and set up my own CA.
Though, I actually did that already...

Alternative is to make yourself a certificate though third-party CA, like
Let's Encrypt.


-- 
With best regards,
Andrey Repin
Thursday, June 2, 2016 16:39:01

Sorry for my terrible english...



More information about the lxc-users mailing list