Failure to login to OpenShift 4.x due to "remote error: tls: unsupported certificate"

Solution In Progress - Updated -

Issue

  • I was following this documentation for where the client certificate is configured in OpenShift for auth, but I cannot log in.
  • When I was trying to log in to OCP, the oauth server pod was trying to connect to my IDP server. I then encountered the following errors in these logs:

oauth-server pod logs:

E1127 00:08:04.706838       1 login.go:171] Error authenticating "user" with provider "basicidp": Get https://node-0.lab.example.com: remote error: tls: unsupported certificate

Apache HTTPD webserver logs:

[Tue Nov 26 19:08:03.525871 2019] [ssl:info] [pid 9466] [client 10.74.178.39:40128] AH02276: Certificate Verification: Error (26): unsupported certificate purpose [subject: CN=test.example.com / issuer: CN=Easy-RSA CA / serial: CBFD53652F4D2165EAA1102D0524B066 / notbefore: Nov 21 23:58:10 2019 GMT / notafter: Nov  5 23:58:10 2022 GMT]

Environment

  • OpenShift Container Platform 4.x
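
The following added example (not part of the original article) reproduces OpenSSL verification error 26, the "unsupported certificate purpose" message seen in the Apache log above, using a throwaway CA and two constructed certificates: one whose extendedKeyUsage is serverAuth only and one with clientAuth. All names, keys and files are made up for the demonstration and it assumes the `openssl` CLI is installed; it shows one way this error arises and how to check a certificate for it, not a confirmed cause for the environment in the report.

```bash
#!/usr/bin/env bash
# Constructed demo PKI: every key, name and file here is a throwaway made up for this example.
W=$(mktemp -d); trap 'rm -rf "$W"' EXIT

# Minimal req config so the script does not depend on the system openssl.cnf.
cat > "$W/req.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Demo CA
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

# Self-signed demo CA.
openssl req -x509 -newkey rsa:2048 -nodes -config "$W/req.cnf" -days 1 \
  -keyout "$W/ca.key" -out "$W/ca.crt" 2>/dev/null

# make_cert NAME EKU: issue a leaf certificate whose extendedKeyUsage is EKU.
make_cert() {
  openssl req -new -newkey rsa:2048 -nodes -config "$W/req.cnf" -subj "/CN=$1" \
    -keyout "$W/$1.key" -out "$W/$1.csr" 2>/dev/null
  printf 'extendedKeyUsage = %s\n' "$2" > "$W/$1.ext"
  openssl x509 -req -in "$W/$1.csr" -CA "$W/ca.crt" -CAkey "$W/ca.key" \
    -CAcreateserial -days 1 -extfile "$W/$1.ext" -out "$W/$1.crt" 2>/dev/null
}

# check_client_purpose CERT: verify CERT for the TLS client purpose, as a server
# requiring client certificates does; prints openssl's verdict, returns its status.
check_client_purpose() {
  openssl verify -purpose sslclient -CAfile "$W/ca.crt" "$1" 2>&1
}

# show_eku CERT: print the certificate's Extended Key Usage value.
show_eku() {
  openssl x509 -in "$1" -noout -text | grep -A1 'Extended Key Usage' | tail -n 1
}

make_cert server-only serverAuth   # lacks clientAuth
make_cert client-ok   clientAuth

for c in server-only client-ok; do
  echo "== $c: $(show_eku "$W/$c.crt")"
  check_client_purpose "$W/$c.crt" || true
done
```

Running the same `openssl verify -purpose sslclient` check against a real client certificate and its issuing CA shows whether the certificate is acceptable for TLS client authentication before it is deployed.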
