Microservices - Service Mesh
During Mutual TLS setup, a service fails to start and logs an error about 'certificate chain incomplete'. What is the most probable cause?
During Mutual TLS setup, a service fails to start and logs an error about 'certificate chain incomplete'. What is the most probable cause?
medium📝 Analysis Q7 of 15
Step-by-Step Solution
Solution:
Step 1: Understand certificate chain in TLS
The certificate chain includes the service cert and intermediate CA certs up to root CA.Step 2: Cause of 'certificate chain incomplete'
If intermediate CA certs are missing, the chain is incomplete and TLS setup fails.Final Answer:
The service's certificate is missing intermediate CA certificates -> Option AQuick Check:
Incomplete chain = Missing intermediate certs [OK]
Quick Trick: Include all intermediate certs in chain for mTLS [OK]
Common Mistakes:
MISTAKES- Assuming private key corruption causes chain error
- Confusing HTTP usage with certificate chain issues
- Thinking expired cert causes chain incomplete error
Master "Service Mesh" in Microservices
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Microservices Quizzes