CodeReady Workspaces 2.0 does not install properly when TLS is used

Solution In Progress - Updated -

Issue

CRW 2.0 does not properly install when TLS option is used. The CodeReady Workspaces server pod does not pass health checks.

The CRW Server pod may show logs that look like this:

----------------------- Edited stack trace from Che server follows ---------------
Caused by: java.lang.RuntimeException: Exception while retrieving OpenId configuration from endpoint: https://keycloak-workspaces.apps.ricksche2.lab.upshift.rdu2.redhat.com/auth/realms/codeready/.well-known/openid-configuration
at org.eclipse.che.multiuser.keycloak.server.KeycloakSettings.(KeycloakSettings.java:104)
......
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to
requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
... 138 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
... 152 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
... 158 more

Environment

CodeReady Workspaces 2.0, used with TLS option

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content