Use oc command met error: unable to read certificate-authority /xxx/xxxxxx.crt

Solution Verified - Updated -

Environment

  • Red Hat OpenShift Container Platform
    • 4

Issue

When use oc command met error as below:

$ oc version
error: unable to read certificate-authority /tmp/20230509-all.ort for api.xxx.xxx.xxx:6443  due to open /tmp/20230509-all.crt: no such file or directory

Resolution

Update the ~/.kube/config and set insecure-skip-tls-verify to the true

Before

$ cat ~/.kube/config 
apiVersion: v1
clusters:
- cluster:
    certificate-authority: /***/****.crt

After:

$ cat ~/.kube/config 
apiVersion: v1
clusters:
- cluster:
    insecure-skip-tls-verify: true

Root Cause

From the ~/.kube/config file, we could review that configuration had set the certificate directory, Once the certificate directory was deleted, we could no longer use the oc command.

$ cat ~/.kube/config 
apiVersion: v1
clusters:
- cluster:
    certificate-authority: /***/****.crt
  • Component
  • oc

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments