-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS handshake error when following README in local cluster #93
Comments
When you change CA_BUNDLE of webhook with output of
|
This issue got resolved by changing the latest image to 'edge' image.
For openshift we decided to use the service signer built in injecting a secret into our namespace based on this repo |
As this repo is quite old without any updates, would you be open for PR's? |
Summary
When executing the readme (manual deployment) in a rancher desktop local environment to get to know the product, I am receiving
Internal error occurred: failed calling webhook "sidecar-injector.conjur.org": failed to call webhook: Post "https://cyberark-sidecar-injector.injectors.svc:443/mutate?timeout=10s": x509: certificate signed by unknown authority:Deployment does not have minimum availability.
in my deployment of the testing app.In the logs of the mutating webhook pod I am seeing multiple
http: TLS handshake error from 10.42.0.1:42142: remote error: tls: bad certificate
error lines.This is being tested by bypassing the conjur setup locally as I expect the mutation to happen ( authentication sidecar gets injected) and only then the conjur connection not being available would cause errors.
We decided to give it a go and test this in our openshift test environment using the helm chart, but are getting exactly same issue over there. In that environment conjur is set up and working. Would love to get it running locally first so that we can test the product in a "playground" environment.
Reproducible
Version/Tag number
latest/master
Environment setup
Rancher desktop on MAC + Openshift
The text was updated successfully, but these errors were encountered: