SNO: Unable to login to the OpenShift Cluster using CLI and console in RHOCP 4

Solution Verified - Updated -

Issue

  • Cannot login to the cluster using the oc login command.
  • Upon reviewing the openshift-oauth-apiserver pod, it has x509 certificate expired error with the below error:
 "Unable to authenticate the request" err="[x509: certificate has expired or is not yet valid: current time 2024-11-13T16:13:39Z is after 2024-11-13T04:55:22Z, verifying certificate SN=xxx, SKID=, AKID=xxx failed: x509: certificate has expired or is not yet valid: current time 2024-11-13T16:13:39Z is after 2024-11-13T04:55:22Z]"
  • Even after restarting all the pods in openshift-apiserver namespace, the issue is still present.
  • From the authentication operator yaml:
 message: 'deployment openshift-authentication-operator/authentication-operator
        has a replica failure FailedCreate: pods "authentication-operator-dcb9c8ddd-nj9ng"
        is forbidden: violates PodSecurity "baseline:latest": non-default capabilities
        (container "authentication-operator" must not include "NET_ADMIN", "NET_RAW"
        in securityContext.capabilities.add)'

Environment

  • Red Hat Single Node Openshift (RHSNO)
    • 4.14

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content