Skip to content

bug: unable to setup ssls with env reference #11141

New issue
New issue
Open
Open
bug: unable to setup ssls with env reference#11141
Labels
bugSomething isn't workinggood first issueGood for newcomers
@Sebastian-Pietrzak

Description

@Sebastian-Pietrzak
Sebastian-Pietrzak
opened on Apr 10, 2024

Current Behavior

I'm struggling with adding certificate with /ssls admin endpoint using env reference.

curl --location --request PUT 'http://127.0.0.1:9180/apisix/admin/ssls' \
--header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
--header 'Content-Type: application/json' \
--data '{
    "id":  "some_id",
    "type": "server",
    "snis": ["localhost"],
    "cert": "$ENV://APISIX_ENV_CERT",
    "key": "$ENV://APISIX_ENV_KEY",
    "ssl_protocols": ["TLSv1.2", "TLSv1.3"]
  }'

I'm always getting this, no matter what I put inside cert/key fields unless they are proper certs.

{
    "error_msg": "invalid configuration: property \"key\" validation failed: value should match only one schema, but matches none"
}

Accordingly to admin api documentation those fields support those env references, but it seems it's not the case. Note: I'm using such env reference in key-auth plugin and it works just fine, but here it seems like it doesn't expect any other pattern than cert, and message/logs are not helpful.

Expected Behavior

It's possible to setup ssls and provide cert location as env reference.

Error Logs

No response

Steps to Reproduce

Send following request to admin-api:

curl --location --request PUT 'http://127.0.0.1:9180/apisix/admin/ssls' \
--header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
--header 'Content-Type: application/json' \
--data '{
    "id":  "some_id",
    "type": "server",
    "snis": ["localhost"],
    "cert": "$ENV://APISIX_ENV_CERT",
    "key": "$ENV://APISIX_ENV_KEY",
    "ssl_protocols": ["TLSv1.2", "TLSv1.3"]
  }'

Environment

  • APISIX version (run apisix version): 3.7.0
  • Operating system (run uname -a): Linux 4091912aa453 6.6.16-linuxkit change: added doc of how to load plugin. #1 SMP Fri Feb 16 11:54:02 UTC 2024 x86_64 GNU/Linux
  • OpenResty / Nginx version (run openresty -V or nginx -V): n/a
  • etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info): 3.5.9
  • APISIX Dashboard version, if relevant: n/a
  • Plugin runner version, for issues related to plugin runners: n/a
  • LuaRocks version, for installation issues (run luarocks --version): n/a

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workinggood first issueGood for newcomers

    Type

    No type

    Projects

    ⚡️ Apache APISIX Roadmap

    Status

    📋 Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions