I’d like to install Rancher to manage two of ours servers (40 core Xeon, 128GB RAM) with Rancher 2 and k8s, however, I already fail at getting the first steps done due to certificate issues (the WebSocket communication fails due to “invalid certificate chain”.). I now rolled everything back and started from scratch.
The only thing I have done until now is deploying Rancher via docker:
docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher
When connecting via HTTPS, the certificate is invalid (I accepted that to see how far I get) and of course I get a lot of errors in the browsers log:
Failed to load resource: The certificate for this server is invalid. You might be connecting to a server that is pretending to be “a.b.c.d”, which could put your confidential information at risk.
The certificate error is this:
Your connection is not private Attackers might be trying to steal your information from a.b.c.d (for example, passwords, messages or credit cards). Learn more NET::ERR_CERT_AUTHORITY_INVALID Subject: dynamic Issuer: dynamiclistener-ca Expires on: 12 Sep 2021 Current date: 12 Sep 2020 PEM encoded chain: -----BEGIN CERTIFICATE----- MIIBpTCCAUqgAwIBAgIIcvBuNsfHD3AwCgYIKoZIzj0EAwIwOzEcMBoGA1UEChMT ZHluYW1pY2xpc3RlbmVyLW9yZzEbMBkGA1UEAxMSZHluYW1pY2xpc3RlbmVyLWNh MB4XDTIwMDkxMjA3MjM0NFoXDTIxMDkxMjA3MjQzNFowJDEQMA4GA1UEChMHZHlu YW1pYzEQMA4GA1UEAxMHZHluYW1pYzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA BG/JSlAXq4whbxwar83dGMpF3AynJT88P10d08yVd31IQQ3UTTaN8749WycFJFZg HU9/K0bbB5KXM/uDli22FMyjTzBNMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAK BggrBgEFBQcDATAmBgNVHREEHzAdgglsb2NhbGhvc3SHBH8AAAGHBIO8oVCHBKwR AAIwCgYIKoZIzj0EAwIDSQAwRgIhAP6bZAroStn5QI0Jhqiy8ewkT5ETzY8ofaTY QgiKqrlEAiEAjoRSHtOZDf5C9OtwCs8DPR288KF58Z6Qfrv/LCkrtd0= -----END CERTIFICATE-----