grpc
config_error
ai_generated
true
不可用: grpc: 未找到 TLS 证书: /etc/ssl/certs/server.crt
UNAVAILABLE: grpc: TLS certificate not found: /etc/ssl/certs/server.crt
ID: grpc/grpc-tls-certificate-not-found
95%修复率
90%置信度
1证据数
2023-09-05首次发现
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| grpc-go 1.60.0 | active | — | — | — |
| grpc-java 1.59.0 | active | — | — | — |
| OpenSSL 3.0.12 | active | — | — | — |
根因分析
指定的 TLS 证书文件路径不存在,或因权限或路径错误而无法访问。
English
The specified TLS certificate file path does not exist or is inaccessible due to permissions or incorrect path.
官方文档
https://grpc.io/docs/guides/auth/#with-server-authentication-ssltls解决方案
-
Verify the certificate file exists and has correct permissions. Run: ls -la /etc/ssl/certs/server.crt If missing, generate or copy the certificate. Example using OpenSSL: openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/certs/server.key -out /etc/ssl/certs/server.crt -days 365 -nodes Then update the gRPC server config to point to the correct paths.
-
If using a custom path, set the GRPC_GO_TLS_CERT_FILE and GRPC_GO_TLS_KEY_FILE environment variables before starting the server: export GRPC_GO_TLS_CERT_FILE=/path/to/cert.pem export GRPC_GO_TLS_KEY_FILE=/path/to/key.pem ./your_server
无效尝试
常见但无效的做法:
-
85% 失败
The error is about the server certificate, not the root CA; changing root path doesn't help if server cert path is wrong.
-
90% 失败
This bypasses security but does not fix the missing certificate; the server still fails to start with TLS.