X509: certificate signed by unknown authority


I am receiving this inside rancher-agent log file:

Exiting. Error: Get https://rancher-server/v2-beta: x509: certificate signed by unknown authority (possibly because of “x509: invalid signature: parent certificate cannot sign this kind of certificate” while trying to verify candidate authority certificate “rancher-server”)

Certificate is self-signed, with SAN extension. I am able to connect without problem from container to the rancher-server using openssl:

openssl s_client -showcerts -connect rancher-server:443 </dev/null
(Verify return code: 0 (ok))

What am I missing. Where do I have to add self signed certificate support?



It is Strange as i am also seeing the same error. although this has only happened since yesterday when building a new server.
Unable to find image ‘rancher/server:stable’ locally
docker: Error response from daemon: Get https://registry-1.docker.io/v2/rancher/server/manifests/stable: Get https://auth.docker.io/token?scope=repository%3Arancher%2Fserver%3Apull&service=registry.docker.io: x509: certificate signed by unknown authority.
an issue with rancher or a certificate error generated by docker?