currently I am struggeling with my Rancher setup. I am running a 3 node HA setup using Helm 2 (for Gitlab Integration support). The cluster is behind a L7 Loadbalancer which manages SSL.
I spin up Rancher via:
helm install rancher-latest/rancher --name rancher --namespace cattle-system --set hostname=[redacted] --set tls=external --set privateCA=true
Then I added the
cacerts.pem file like this:
kubectl -n cattle-system create secret generic tls-ca --from-file=cacerts.pem
After this I was going to the Rancher Shell and tried to curl
curl: (60) SSL certificate problem: self signed certificate in certificate chain More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.
I was also checking if the CA structure is correct which is the case. So it should be running.
I am behind a private CA which replaces all certs with a selfsigned cert.
Am I missing something?
/v3/settings/cacerts returns me all CA Certificates
Also I dont don’t get those errors on my servers itself because I already added the certificates.