在consul配置文件中加入证书参数
{
"addresses": {
"https": "0.0.0.0"
},
"ports": {
"https": 8501
},
"ca_file" : "/etc/consul/ssl/ca.pem",
"cert_file": "/etc/consul/ssl/server.pem",
"key_file" : "/etc/consul/ssl/server.key",
"verify_incoming": true,
"verify_outgoing": true
}
在启动时候看到
consul1.example.com | ==> Starting Consul agent...
consul1.example.com | ==> Consul agent running!
consul1.example.com | Version: 'v1.4.0'
consul1.example.com | Node ID: '90fa98b0-b9d5-b4ce-9feb-6ddf69ea170d'
consul1.example.com | Node name: 'consul1.example.com'
consul1.example.com | Datacenter: 'dc1' (Segment: '')
consul1.example.com | Server: false (Bootstrap: false)
consul1.example.com | Client Addr: [0.0.0.0] (HTTP: 8500, HTTPS: 8501, gRPC: -1, DNS: 8600)
consul1.example.com | Cluster Addr: 172.19.0.5 (LAN: 8301, WAN: 8302)
consul1.example.com | Encrypt: Gossip: false, TLS-Outgoing: true, TLS-Incoming:
即可