Common Consul Error Messages
When configuring complex systems, it is inevitable that mistakes will be made, steps will be skipped, or changes will have side effects you didn't expect. Below we've included some guidance regarding common error messages you may encounter when working with Consul.
HTTPS port
Once TLS is enabled, Consul uses port 8501 for communications. If you are using
Consul on Kubernetes, and you receive the following error message:
Review your port-forward configuration, and make sure to change your port forward command to forward from 8501 on the server container in the Kubernetes cluster.
Sent HTTP request to an HTTPS server
You may receive an error indicating that you are trying to send HTTP traffic to an HTTPS server.
This is an indicator that TLS configuration on the development host is incomplete. There are a couple of options to get past this hurdle.
You can either set the CONSUL_HTTP_SSLenvironment variable to true like so.
Or, you can set the CONSUL_HTTP_ADDR environment variable to an HTTPS address like this:
Either option, should provide the Consul CLI with enough information to infer that it should use HTTPS.
x509 certificate error
Once TLS is enabled, you may receive the following x509 error message.
This indicates that command is reaching the server, but communication is being rejected because the TLS handshake can't be negotiated. In order to authenticate with the server, the client needs to supply a valid CA secret via one of several methods detailed in the documentation.
Next steps
If none of these error messages or common solutions are relevant to your situation, refer to our Troubleshooting tutorial for more ideas.