Failure to login to OpenShift 4.x due to "remote error: tls: unsupported certificate"
Issue
- I was following this documentation for where the client certificate is configured in OpenShift for auth, but I cannot log in.
- When I was trying to log in to OCP, the oauth server pod was trying to connect to my IDP server. I then encountered the following errors in these logs:
oauth-server pod logs:
E1127 00:08:04.706838 1 login.go:171] Error authenticating "user" with provider "basicidp": Get https://node-0.lab.example.com: remote error: tls: unsupported certificate
Apache HTTPD webserver logs:
[Tue Nov 26 19:08:03.525871 2019] [ssl:info] [pid 9466] [client 10.74.178.39:40128] AH02276: Certificate Verification: Error (26): unsupported certificate purpose [subject: CN=test.example.com / issuer: CN=Easy-RSA CA / serial: CBFD53652F4D2165EAA1102D0524B066 / notbefore: Nov 21 23:58:10 2019 GMT / notafter: Nov 5 23:58:10 2022 GMT]
Environment
- OpenShift Container Platform 4.x