Unable to connect to the server: tls: failed to verify certificate: x509: certificate signed by unknown authority

m_pahlevanzadeh · December 21, 2024, 7:47am

I ran k3s-kill.sh && k3s-uninstall.sh

Then I ran # curl -sfL https://get.k3s.io | K3S_TOKEN=mohsentoken sh -s - server --cluster-init

Now I get the following messages:

[INFO]  Finding release for channel stable
[INFO]  Using v1.31.4+k3s1 as release
[INFO]  Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.31.4+k3s1/sha256sum-amd64.txt
[INFO]  Downloading binary https://github.com/k3s-io/k3s/releases/download/v1.31.4+k3s1/k3s
[INFO]  Verifying binary download
[INFO]  Installing k3s to /usr/local/bin/k3s
sh: 597: [: Illegal number: 
[INFO]  Skipping installation of SELinux RPM
[INFO]  Creating /usr/local/bin/kubectl symlink to k3s
[INFO]  Creating /usr/local/bin/crictl symlink to k3s
[INFO]  Creating /usr/local/bin/ctr symlink to k3s
[INFO]  Creating killall script /usr/local/bin/k3s-killall.sh
[INFO]  Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO]  env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO]  systemd: Creating service file /etc/systemd/system/k3s.service
[INFO]  systemd: Enabling k3s unit
Created symlink '/etc/systemd/system/multi-user.target.wants/k3s.service' → '/etc/systemd/system/k3s.service'.
[INFO]  systemd: Starting k3s

Now it’s okey.

After kubectl such as kubectl get pods I get the following error message:
Unable to connect to the server: tls: failed to verify certificate: x509: certificate signed by unknown authority

My /var/lib/rancher/k3s/server/tls/ is:

client-admin.crt       client-ca.key			client-k3s-cloud-controller.key  client-kubelet.key	client-supervisor.crt  request-header-ca.key  service.key
client-admin.key       client-ca.nochain.crt		client-k3s-controller.crt	 client-kube-proxy.crt	client-supervisor.key  server-ca.crt	      serving-kube-apiserver.crt
client-auth-proxy.crt  client-controller.crt		client-k3s-controller.key	 client-kube-proxy.key	dynamic-cert.json      server-ca.key	      serving-kube-apiserver.key
client-auth-proxy.key  client-controller.key		client-kube-apiserver.crt	 client-scheduler.crt	etcd		       server-ca.nochain.crt  serving-kubelet.key
client-ca.crt	       client-k3s-cloud-controller.crt	client-kube-apiserver.key	 client-scheduler.key	request-header-ca.crt  service.current.key    temporary-certs

How can I pass any TLS or SSL? Or how can I disable TLS/SSL ?

Installation method:

k3s

Host OS:

Debian

m_pahlevanzadeh · December 22, 2024, 5:51am

Because you use k3s, you have to copy /etc/rancher/k3s/k3s.yaml instead of admin.yaml
cp -i /etc/rancher/k3s/k3s.yaml ~/.kube/config

Topic		Replies	Views
Tls: failed to verify certificate: x509: certificate signed by unknown authority" node="master-node" General Discussions development , security , network	1	3833	June 28, 2024
Tls: failed to verify certificate: x509: certificate signed by unknown authority" node="master-node" General Discussions	0	645	April 18, 2024
Need assitance with this 509 certificate error General Discussions	0	644	August 1, 2023
Getting Error while initializing kubeadm General Discussions	2	1435	May 26, 2024
Microk8s 1.17.3 to 1.17.4: "x509: certificate signed by unknown authority" General Discussions	2	1824	April 21, 2020

Unable to connect to the server: tls: failed to verify certificate: x509: certificate signed by unknown authority

Installation method:

Host OS:

Related topics