Changing RHACS route to edge and re-encrypt route users cannot access the RHACS console
Issue
- By default central route is configured in passthrough mode and that is working fine.
- After changing the RHACS route to Edge and Re-encrypt route, users cannot access the RHACS console.
- The collector pods and sensor pods fail to start as the installed certificate remains unrecognised due to their reliance on an internal svc hostname for connection.
-
The sensor is not able to communicate with the central as it is expecting the certificate with CN
central.advanced cluster-security.svc
and is for the internal communication.error: Sensor reported an error: opening stream: rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: x509: certificate is valid for *.apps.cluster.domain, not central.advanced-cluster-security.svc"
Environment
- Red Hat Advanced Cluster Security for Kubernetes (RHACS)
- 3
- 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.