http: proxy error: x509: certificate signed by unknown authority #227

Closed
YexinZhang opened this issue Mar 20, 2023 · 4 comments

Comments

@YexinZhang

I0320 07:50:02.982987 1 log.go:198] http: proxy error: x509: certificate signed by unknown authority
I0320 07:55:02.982838 1 log.go:198] http: proxy error: x509: certificate signed by unknown authority

I need to use Prometheus to collect controller-manager's metrics,
but controller-manager listens on 127.0.0.1.
I use kube-rbac-proxy so that Prometheus can connect to controller-manager, but some errors emerge.

@YexinZhang
Author

The ClusterRole Prometheus used is adequate. I tried its token in a bash terminal, and it can output metrics from controller manager.

@YexinZhang
Author

image

@ibihim
Collaborator

ibihim commented Mar 20, 2023

Based on the picture and the error message, I would assume that this is being logged by kube-rbac-proxy? So you need to provide a CA for TLS.

Upstream (the thing that is being protected by kube-rbac-proxy) is listening on https, so you would need to provide the CA for upstream with this flag:

--upstream-ca-file string  The CA the upstream uses for TLS connection. This is required when the upstream uses TLS and its own CA certificate

If a client that wants to connect to upstream through kube-rbac-proxy causes the logs, you need to specify the set CA of the client with this flag:

--client-ca-file string  If set, any request presenting a client certificate signed by one of the authorities in the client-ca-file is authenticated with an identity corresponding to the CommonName of the client certificate.

@ibihim
Collaborator

ibihim commented Apr 5, 2023

I just wanted to follow up on the x509 error issue you reported. It's been a couple of weeks since I suggested a possible solution, and I haven't heard back from you. I'm going to assume that either the issue has been resolved, or you're currently unable to provide more information.

With that in mind, I'll be closing this issue for now. If you still encounter this issue in the future, I kindly request that you thoroughly review the README and existing documentation to see if your concern has already been addressed. If you're unable to find the necessary information and can provide more context or background, please consider creating a new issue with the required details.

Thank you for your understanding, and I appreciate your contribution to this project.
