After installing a new self-signed certificate into Velum, Kubernetes only sees "certificate has expired or is not yet valid" error

  • 7023112
  • 19-Jun-2018
  • 02-Jul-2018

Environment

SUSE CaaS Platform 3.0

Situation

After installing a new self-signed certificate into Velum, Kubernetes only sees "certificate has expired or is not yet valid" error.

Resolution

When adding a certificate into Velum, the entire URL must be used including the port number, please see below:

Incorrect URL:  smt.example.com
Correct URL: https://smt.example.com:5000

After applying the change, Velum will re-bootstrap. Any failed pods should be killed and they will automatically be recreated using the new certificate.

Cause

Incorrectly specifying the certificate URL (Uniform Resource Locator) during creation.

Status

Security Alert

Feedback service temporarily unavailable. For content questions or problems, please contact Support.