OpenShift pods don't trust the OpenShift CA certs

Solution Verified - Updated -

Issue

  • Pods being started in OpenShift cluster do not trust the internal CA
  • We are getting x509: certificate signed by unknown authority when pods are spinning up in our cluster. The untrusted CA is the OpenShift CA.
  • A curl from the actual nodes (master, infra, app) comes back with the expected response.
  • Redeployed the certificates, but pods still won't trust the CA

Environment

  • Red Hat OpenShift Container Platform
    • 3.9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content