I setup a rancher server behind an AWS ELB with SSL. I followed the instructions on the basic-ssl-config page. Accessing rancher via the web browser works fine and looking in the console I even see a socket open, so I am fairly confident the config on the ELB is correct. The issue is when trying to add an agent I keep getting the following error:
ERROR: https://rancher.myhost.com/v1 is not accessible
Running a curl request gives me the following error:
SSL certificate problem: unable to get local issuer certificate
If I run the same curl request with the --insecure option I get the proper response. What is odd to me is the root CA for my cert is GeoTrust Global CA, which is very common and included in the standard Ubuntu CA bundle.
root@1817a11c1c05:/# ls /etc/ssl/certs | grep GeoTrust GeoTrust_Global_CA.pem
I would also like to note that the cert is a wildcard cert and running the curl request from my Mac works without needing the --insecure option.
Any insight would be greatly appreciated.
Thanks!