As I mentioned in #478, the brupop API server on one of my EKS clusters apparently has an untrusted TLS cert:
> kubectl -n brupop-bottlerocket-aws get bottlerocketshadows
Error from server: conversion webhook for brupop.bottlerocket.aws/v1, Kind=BottlerocketShadow failed: Post "https://brupop-apiserver.brupop-bottlerocket-aws.svc:443/crdconvert?timeout=30s": x509: certificate signed by unknown authority
I installed brupop using the 1.1.0 manifest file and it is working fine on several other EKS clusters deployed using the same method.
Image I'm using:
1.1.0
Issue or Feature Request:
Looking at the PKI for brupop I see a self-signed issuer cert, but I'm not clear on how this cert is supposed to be trusted. Any advice on how to troubleshoot this issue would be appreciated.
As I mentioned in #478, the brupop API server on one of my EKS clusters apparently has an untrusted TLS cert:
I installed brupop using the 1.1.0 manifest file and it is working fine on several other EKS clusters deployed using the same method.
Image I'm using:
1.1.0
Issue or Feature Request:
Looking at the PKI for brupop I see a self-signed issuer cert, but I'm not clear on how this cert is supposed to be trusted. Any advice on how to troubleshoot this issue would be appreciated.