Containers unable to reach external url's because of self signed certificates

nicky · April 28, 2022, 9:03am

Cluster information:

Kubernetes version: 1.23.6
Cloud being used: Bare Metal
Installation method: Package Manager
Host OS: Debian 11
CNI and version: Calico 3.22.2
CRI and version: Containerd 1.4.13

I’m working on a manifest that allows me to deploy a matrix synapse server in a kubernetes cluster, but I’m running across the issue that whenever a container tries to access a url over https, the SSL certificate that gets returned is that of my pfSense box. This happens on all of my running pods, not only on my matrix deployment.

This then causes self signed certificate errors in matrix (and other applications).

nicky · April 28, 2022, 12:52pm

After messing around in the container, I found out that whenever my containers make a dns querry, my domain gets appended to it.

So google.com becomes google.com.mydomain.com.

Anyone got an idea as to why this is happening?

Topic		Replies	Views
Issues with DNS resolution of cert-manager webhook General Discussions network	0	70	April 3, 2024
Need help in configuring a simple TLS/SSL within k8s cluster for pod to pod communication over https General Discussions	2	1995	June 1, 2021
Kubernetes communication between pods and external machines is sometimes blocked by UFW General Discussions network	2	2964	September 5, 2023
[SOLVED] X509 Certificate Error microk8s	3	12200	December 17, 2020
PKIX/TLS Certs General Discussions	0	414	May 6, 2022

Containers unable to reach external url's because of self signed certificates

Cluster information:

Related Topics