I’m using Rancher in a single docker container running version 2.4.5 and I have imported my ‘clusters’ . I currently receive the following error when I goto the rancher GUI
2021-06-10 17:54:41.461733 I | http: TLS handshake error from 127.0.0.1:59626: remote error: tls: bad certificate
2021-06-10 17:54:43.464172 I | http: TLS handshake error from 127.0.0.1:59628: remote error: tls: bad certificate
2021/06/10 17:54:43 [INFO] Waiting for server to become available: Get https://127.0.0.1:6443/version?timeout=30s: x509: certificate has expired or is not yet valid
What are the exact steps to rotate the certs , if I can’t connect to the GUI? I read that the certs expire after 1 year and once you rotate they will then expire in 10 years ? What are the exact steps to rotate the certs or create new ones ?
I’m confused. Is it about the Rancher UI certificate, or some K3s certificate? In my case, the Rancher UI cert is expired. The k3s-serving certificate in the local cluster isn’t expired, so why delete it, and how is it supposed to help?
I can log into the UI when I skip the cert error, but only the local cluster is working - the main cluster is unavailable, because the cattle-cluster-agent pod is crashing due to expired API cert.