Replacing the default ingress certificate in OpenShift 4.x causes x509 error for webconsole, logins, monitoring and oauth applications
Issue
-
After following the instructions for replacing the default ingress certificate, the web console and monitoring components becomes inaccessible.
-
The certificate applied to the ingress router was generated by a private/custom certificate authority;
-
When I go to login or pod logs, I get an error:
error: x509: certificate signed by unknown authority
-
Using any OpenShift component that uses the oauth-proxy/oauth-server does not work, getting
500 Internal Server Error
; -
Unable to open Grafana/Alertmanager/Prometheus GUI as it throws
500 Internal Server Error
on the screen.
Environment
- Red Hat OpenShift Container Platform (OCP)
- 4.2
- 4.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.