🎄 Happy Holidays! 🥳
Most of Solace is closed December 24–January 1 so our employees can spend time with their families. We will re-open Thursday, January 2, 2024. Please expect slower response times during this period and open a support ticket for anything needing immediate assistance.
Happy Holidays!
Please note: most of Solace is closed December 25–January 2, and will re-open Tuesday, January 3, 2023.
How to Deploy Solace on AWS EKS with SSL/TLS Using Network Load Balancer (NLB)
Hello Solace Team,
I have deployed Solace PubSub+ Cloud in my AWS EKS cluster, following the Solace documentation for deployment. I successfully set up Solace with a Network Load Balancer (NLB) as per the instructions. After the deployment, I was able to log into the Solace console and use the "Try Me" section, where I successfully connected to port 8008.
Next, I configured the ACM certificate in the Solace setup file and redeployed Solace. The deployment was successful, but when I tried to use the "Try Me" section again, I encountered a connection timeout error.
Could you please advise on how to resolve this connection timeout issue and the correct steps to use the ACM certificate for SSL/TLS configuration?
Thank you.
@giri
Comments
-
Are you still connecting to the unencrypted port? 8008 is for unencrypted. 1443 is the (default) SMF WebSockets Secure port. You might want to check out this list: https://docs.solace.com/Admin/Default-Port-Numbers.htm#Software
Also, you can check the broker's "Service" tab, to see if the ports are open, and up, and operational.
Hmmm, it doesn't appear to show operational status, you might have to login to CLI and do
show service
to see this.Status Service TP S C R VRF MsgVpn Port A O Failed Reason ---------- --- ----- ----- --------------- ----- --- -------------------------- SEMP TCP N - - Mgmt 8080 U U SEMP TCP Y - - Mgmt 1943 U D No Cert SMF TCP N N N Mgmt 55555 U U SMF TCP N Y N Mgmt 55003 U U SMF TCP N N Y Mgmt 55556 U D SMF TCP Y N N Mgmt 55443 U D No Cert SMF WEB N - - Mgmt 8008 U U SMF WEB Y - - Mgmt 1443 U D No Cert <-- my local broker, "D" == down ...
0 -
Hello @Aaron ,
Thanks for your response. I checked my configuration, and it's aligned with the settings you mentioned.
After adding the SSL certificate in the Kubernetes secret and updating my Solace YAML configuration accordingly, I encountered a new error. "The plain HTTP request was sent to HTTPS port".I've attached a screenshot of the YAML file I’m currently using to deploy Solace in my EKS cluster for your reference.
0