Adding new load-balancer to kubernetes x509 certificate

flindvall · January 16, 2019, 1:53pm

Hello!

I’m running a k8s cluster in AWS and I’ve created a new load-balancer that will be used to access the cluster via kubectl. I’ve update the kubeconfig with the new url but I run in to the following issue when trying to run any kubectl command:

Unable to connect to the server: x509: certificate is valid for…etcetc

I’m a bit unsure of how I can add the new load-balancer to the certificate or renew the certificate so that it includes it. Any help is welcome, thanks in advance! (edited)

letthefireflieslive · July 13, 2021, 12:22pm

Experiencing the same problem, I already tried to use --apiserver-cert-extra-sans

sudo kubeadm init --control-plane-endpoint dedicatedloadbalancerdns.com:443 --kubernetes-version v1.21.2 --pod-network-cidr 10.244.0.0/16 --cri-socket /run/containerd/containerd.sock --upload-certs --apiserver-cert-extra-sans=dedicatedloadbalancerdns.com,localhost,existingmaster.com,additionamaster1.com,additionalmaster2.com --apiserver-bind-port=443

Topic		Replies	Views
Unable to connect to the server: x509: certificate has expired or is not yet valid General Discussions	4	39632	June 28, 2021
Selecting SSL Certificate on AWS Load Balancer General Discussions docs	0	892	February 20, 2019
Create load balancer for kube-apiserver then nc -v VIP got: No route to host General Discussions docs , loadbalancer , network	1	47	September 30, 2024
Apiserver ssl certificate re-installation General Discussions	0	897	November 28, 2019
Tls: failed to verify certificate: x509: certificate signed by unknown authority" node="master-node" General Discussions development , security , network	1	3110	June 28, 2024

Adding new load-balancer to kubernetes x509 certificate

Related topics