VMware Cloud Community
markwcraft
Contributor
Contributor
‎09-16-2022 04:43 AM

x509: certificate signed error

I am currently testing Tanzu and when we try to deploy a pod from an external Harbor install we are getting an x509 error.

Error:  Error: Failed to resolve on node <esxi host name>. Reason: Http request failed. Code 400: ErrorType(3) failed to do request: Head "https://tanzu-harbor.gmu.edu/v2/ubi8/ubi8/manifests/latest": x509: certificate signed by unknown authority. To trust certificates signed by custom CA, CA certificate must be added to 'image-fetcher-ca-bundle' configmap in 'kube-system' namespace: ErrImagePull

I have update the imager-fetcher-ca-bundle using "kubectl edit configmap image-fetcher-ca-bundle -n kube-system", but the CA cert does not apply.   

Would like to know if I am missing something.  

Thanks

0 Kudos
2 Replies
usman17
Contributor
Contributor
‎03-01-2023 02:37 AM

Any solution to below problem. I am facing similar issue

0 Kudos
markwcraft
Contributor
Contributor
‎03-01-2023 05:54 AM

With the amount of troubleshooting we did, we are not 100% on the solution as it just started to work.   The last step we did was to recreate the cert chain again and validate with OpenSSL.  

0 Kudos