I’d like to install Rancher to manage two of ours servers (40 core Xeon, 128GB RAM) with Rancher 2 and k8s, however, I already fail at getting the first steps done due to certificate issues (the WebSocket communication fails due to “invalid certificate chain”.). I now rolled everything back and started from scratch.
The only thing I have done until now is deploying Rancher via docker:
docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher
When connecting via HTTPS, the certificate is invalid (I accepted that to see how far I get) and of course I get a lot of errors in the browsers log:
Failed to load resource: The certificate for this server is invalid. You might be connecting to a server that is pretending to be “a.b.c.d”, which could put your confidential information at risk.
The certificate error is this:
Your connection is not private
Attackers might be trying to steal your information from a.b.c.d (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID
Subject: dynamic
Issuer: dynamiclistener-ca
Expires on: 12 Sep 2021
Current date: 12 Sep 2020
PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIBpTCCAUqgAwIBAgIIcvBuNsfHD3AwCgYIKoZIzj0EAwIwOzEcMBoGA1UEChMT
ZHluYW1pY2xpc3RlbmVyLW9yZzEbMBkGA1UEAxMSZHluYW1pY2xpc3RlbmVyLWNh
MB4XDTIwMDkxMjA3MjM0NFoXDTIxMDkxMjA3MjQzNFowJDEQMA4GA1UEChMHZHlu
YW1pYzEQMA4GA1UEAxMHZHluYW1pYzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
BG/JSlAXq4whbxwar83dGMpF3AynJT88P10d08yVd31IQQ3UTTaN8749WycFJFZg
HU9/K0bbB5KXM/uDli22FMyjTzBNMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAK
BggrBgEFBQcDATAmBgNVHREEHzAdgglsb2NhbGhvc3SHBH8AAAGHBIO8oVCHBKwR
AAIwCgYIKoZIzj0EAwIDSQAwRgIhAP6bZAroStn5QI0Jhqiy8ewkT5ETzY8ofaTY
QgiKqrlEAiEAjoRSHtOZDf5C9OtwCs8DPR288KF58Z6Qfrv/LCkrtd0=
-----END CERTIFICATE-----