Using rke, I have installed kubernetes v1.12.1
I then installed rancher ui v 2.1.0.
I constantly see the below message in the cattle cluster and node logs:
time=“2018-11-27T17:09:19Z” level=info msg=“Option requestedHostname=xx.xx.xx.xx”
time=“2018-11-27T17:09:19Z” level=info msg=“Connecting to wss://xx.xx.xx.local/v3/connect with token 4nzpj48zz4zjgzqgq6scw42j94xj7qq4wvhdwdltqhtjjnzx48xqw5”
time=“2018-11-27T17:09:19Z” level=info msg=“Connecting to proxy” url=“wss://xx.xx.xx.xx.local/v3/connect”
time=“2018-11-27T17:09:20Z” level=error msg=“Failed to connect to proxy” error=“x509: certificate is valid for ingress.local, not xx.xx.xx.xx.sandbox.local”
looks like the certificate that is generated has CN=ingress.local and not the ***.sandbox.local. It should have the FQDN as part of CN or Subject Alternative Names.
Even I got the same error , how to debug that or where we need to make the changes
@ChinmoyPadhi this certificate is valid just to ingress.local. When you try use for xx.xx.xx.xx.sandbox.local this isn’t valid.
You need change this certificate for other with the correct CN.
@Bitenca, Sorry I didn’t understand the last line , could you please explain a bit more if that’s ok for you
Hi @ChinmoyPadhi you certificate needs your Common Name (CN). Like @Sarma_K said “CN=ingress.local and not the ***.sandbox.local”.
If CN doesn’t match… your certificate is not valid. So you need a new certificate for ingress.local or your local domain.