Hello,
I’m running Rancher 2.6.0, and I recently found that my cattle-webhook-tls
certificate had expired.
Following other sources online I did the following:
- Delete the
cattle-webhook-tls
certificate - Delete the
rancher.cattle.io
admission controller - Delete the
rancher-webhook
pod
This process seems to have worked, in that it caused a new certificate for cattle-webhook-tls
to be generated. (The admission controller has also been recreated.)
However, I think I may have messed something up in my process because now when I go to add a new secret I get the following message:
Internal error occurred: failed calling webhook "rancher.cattle.io": Post "https://rancher-webhook.cattle-system.svc:443/v1/webhook/mutation?timeout=10s": x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "dynamiclistener-ca")
Does anyone know how correct this behavior?
Many thanks!
-Z