TiFlash fails to start with empty string ssl configs #9235
Closed
Description
Bug Report
Please answer these questions before submitting your issue. Thanks!
1. Minimal reproduce step (Required)
Start tiflash with
[security]
ca_path = ""
cert_path = ""
key_path = ""
2. What did you expect to see? (Required)
tiflash starts with tls disabled
3. What did you see instead (Required)
tiflash starts with tls enabled, but failed to create the security grpc server, then failed to start the process.
[2024/07/15 09:18:24.454 +00:00] [ERROR] [Server.cpp:392] ["/build/tics/contrib/grpc/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc, line number: 120, log msg : {\"created\":\"@1721035104.454831344\",\"description\":\"Unable to create secure server with credentials of type Ssl\",\"file\":\"/build/tics/contrib/grpc/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc\",\"file_line\":105}"] [source=grpc] [thread_id=1]
[2024/07/15 09:18:24.454 +00:00] [ERROR] [Server.cpp:392] ["/build/tics/contrib/grpc/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc, line number: 233, log msg : Failed loading SSL server credentials from fetcher."] [source=grpc] [thread_id=1]
[2024/07/15 09:18:24.454 +00:00] [ERROR] [Server.cpp:392] ["/build/tics/contrib/grpc/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc, line number: 381, log msg : Handshaker factory creation failed with TSI_INVALID_ARGUMENT."] [source=grpc] [thread_id=1]
[2024/07/15 09:18:24.454 +00:00] [ERROR] [Server.cpp:392] ["/build/tics/contrib/grpc/src/core/tsi/ssl_transport_security.cc, line number: 840, log msg : Invalid cert chain file."] [source=grpc] [thread_id=1]
[2024/07/15 09:18:24.454 +00:00] [INFO] [TiFlashSecurity.h:196] ["read new SslCredentialOptions: ca_path: , cert_path: , key_path: "] [thread_id=1]
4. What is your TiFlash version? (Required)
master