Dashboard/portal and gateway https configuration

Hi,
I’m using tyk version 1.3.2 on premise.
I have install this in a private cloud centos7 VMs : 1 VM for the gateway and one other for dashboard.
I have configure dashboard to use a self-signed certificate. I set my portal to a DNS (portal.pro.fr) referenced in the certificate and in the hosts file of VM. I can access dashboard and portal with firefox after setting an exception certificate in https.

But, in gateway log i have this error message :
time=“Mar 22 10:05:19” level=error msg=“Request failed: Get https://{floating ip dashboard}:443/register/node: x509: certificate
signed by unknown authority”
I copy my dashboard certificate into /etc/pki/ca-trust/source/anchors/ and run update-ca-trust extract, but this error persists.

In dashboard, i have this error message : 2017/03/22 10:11:55 http: TLS handshake error from {floatting ip gateway}:36574: read tcp {fixed ip dashboard}:443->{floating ip gateway}:36574: read: connection reset by peer.
I suppose this error arrive because of protocol http… But all is configure in https?

Is anyone can help me?
Thanks a lot!

Hi Phil,

Did you restart the Gateway after the certificate was added to your server? If not, it might be worth restarting Tyk and attempting to log into the Dashboard again.

Kind regards,
Jess @ Tyk

Hi.
Yes i restart gateway and dashboard…

Hi,
other information : when all is configure without ssl, a curl from dashboard to gateway is ok, but when ssl is active, curl don’t work and finished in timeout…

Hi Phil,

Unfortunately, Tyk doesn’t really work very well with self-signed certificates. You may need to add the Certificate Authority to your server’s CRT pool first. If that doesn’t work, you’ll need to use a valid certificate instead.

Apologies if that doesn’t help very much.

Kind regards,
Jess @ Tyk

Hi,
i replace self-signed certificate by a certificate issued known AC and it’s work.
Thanks for your response!