grpc
config_error
ai_generated
true
UNAVAILABLE: grpc: TLS certificate not found: /etc/ssl/certs/server.crt
ID: grpc/grpc-tls-certificate-not-found
95%Fix Rate
90%Confidence
1Evidence
2023-09-05First Seen
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| grpc-go 1.60.0 | active | — | — | — |
| grpc-java 1.59.0 | active | — | — | — |
| OpenSSL 3.0.12 | active | — | — | — |
Root Cause
The specified TLS certificate file path does not exist or is inaccessible due to permissions or incorrect path.
generic中文
指定的 TLS 证书文件路径不存在,或因权限或路径错误而无法访问。
Official Documentation
https://grpc.io/docs/guides/auth/#with-server-authentication-ssltlsWorkarounds
-
95% success Verify the certificate file exists and has correct permissions. Run: ls -la /etc/ssl/certs/server.crt If missing, generate or copy the certificate. Example using OpenSSL: openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/certs/server.key -out /etc/ssl/certs/server.crt -days 365 -nodes Then update the gRPC server config to point to the correct paths.
Verify the certificate file exists and has correct permissions. Run: ls -la /etc/ssl/certs/server.crt If missing, generate or copy the certificate. Example using OpenSSL: openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/certs/server.key -out /etc/ssl/certs/server.crt -days 365 -nodes Then update the gRPC server config to point to the correct paths.
-
85% success If using a custom path, set the GRPC_GO_TLS_CERT_FILE and GRPC_GO_TLS_KEY_FILE environment variables before starting the server: export GRPC_GO_TLS_CERT_FILE=/path/to/cert.pem export GRPC_GO_TLS_KEY_FILE=/path/to/key.pem ./your_server
If using a custom path, set the GRPC_GO_TLS_CERT_FILE and GRPC_GO_TLS_KEY_FILE environment variables before starting the server: export GRPC_GO_TLS_CERT_FILE=/path/to/cert.pem export GRPC_GO_TLS_KEY_FILE=/path/to/key.pem ./your_server
中文步骤
Verify the certificate file exists and has correct permissions. Run: ls -la /etc/ssl/certs/server.crt If missing, generate or copy the certificate. Example using OpenSSL: openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/certs/server.key -out /etc/ssl/certs/server.crt -days 365 -nodes Then update the gRPC server config to point to the correct paths.
If using a custom path, set the GRPC_GO_TLS_CERT_FILE and GRPC_GO_TLS_KEY_FILE environment variables before starting the server: export GRPC_GO_TLS_CERT_FILE=/path/to/cert.pem export GRPC_GO_TLS_KEY_FILE=/path/to/key.pem ./your_server
Dead Ends
Common approaches that don't work:
-
85% fail
The error is about the server certificate, not the root CA; changing root path doesn't help if server cert path is wrong.
-
90% fail
This bypasses security but does not fix the missing certificate; the server still fails to start with TLS.