Rancher agent "x509: certificate signed by unknown authority" with DigiCert

Hi

We have a test cluster set up (created with RKE). I’m trying to import it into a Rancher instance that is behind a L7 load balancer which is doing SSL termination (with a DigiCert certificate that is trusted on every machine that I’ve tested on). The agent docker container doesn’t work, however giving me errors like:

time="2019-08-23T17:31:50Z" level=error msg="Failed to connect to proxy" error="x509: certificate signed by unknown authority"
time="2019-08-23T17:31:50Z" level=error msg="Failed to connect to proxy" error="x509: certificate signed by unknown authority"
time="2019-08-23T17:32:00Z" level=error msg="Failed to connect to proxy" error="x509: certificate signed by unknown authority"
time="2019-08-23T17:32:00Z" level=error msg="Failed to connect to proxy" error="x509: certificate signed by unknown authority"

I have the rancher deployment itself running with --no-ca-certs (because it is behind a publicly trusted DigiCert). What am I doing wrong?

Most likely the intermediate certificate is not included in the server certificate, can you share what you configured?