问题描述:
后端日志报错:x509: certificate signed by unknown authority
登陆pod测试:
原因: 因为自签名证书,不能识别到根证书
解决:
1.临时办法
把根证书复制到pod
kubectl cp **.crt /usr/local/share/ca-certificates/
kubectl exec -it ** -- update-ca-certificates
2.重新打镜像
cat Dockerfile FROM harbor.**/** COPY ca-base64.crt /usr/local/share/ca-certificates/ COPY ca-root-base64.crt /usr/local/share/ca-certificates/ RUN update-ca-certificates
docker build -t *** .
3.可以通过configmap,然后挂载方式, 没有去验证
- certificate authority 证书 unknown signedcertificate authority证书unknown certificate authority unknown docker certificate authority时报unknown certificate_unknown self-signed certificate openssl signed certificate_unknown certificate connection negotiate certificate authority trusted issued ca-certificate certificate authority ca certificate unexpected occurred signed csr-certificate certificate同时signing