Tls: no certificates configured
MageshSrinivasulu opened this issue · comments
Getting this error when I deploy my changes into AKS cluster. Unable to understand what's the issue is
Error :
{"level":"warn","ts":"2022-06-09T12:33:10.994Z","logger":"clusterimagepolicy","caller":"webhook/webhook.go:154","msg":"server key missing"}
2022/06/09 12:33:10 http: TLS handshake error from 10.204.8.4:57656: tls: no certificates configured
Note : 10.204.8.4 This is the IP of the node in which the pods is running
Below is the manifest of ValidatingWebhookConfiguration cosigned.sigstore.dev in the cluster
I don't see the CA bundle in the manifest. How it will get attached?
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
meta.helm.sh/release-name: cosigned
meta.helm.sh/release-namespace: test
creationTimestamp: "2022-06-09T10:10:02Z"
generation: 2
labels:
app.kubernetes.io/managed-by: Helm
name: cosigned.sigstore.dev
resourceVersion: "764086314"
uid: 72206218-6b23-4e31-88b6-c4e86e46ee83
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: webhook
namespace: test
port: 443
failurePolicy: Fail
matchPolicy: Equivalent
name: cosigned.sigstore.dev
namespaceSelector:
matchExpressions:
- key: cosigned.sigstore.dev/include
operator: In
values:
- "true"
- key: control-plane
operator: DoesNotExist
objectSelector: {}
sideEffects: None
timeoutSeconds: 10
We are facing a similar issue when we deployed this on our EKS cluster. But we have one difference in the networking, i.e. we are using calico for networking. We have tried running these pods in hostNetwork by specifying hostNetwork: true
but that is not helping either. Anything that we are missing here?
@MageshSrinivasulu This is a duplicate of #217. Could you keep one ? The error is related to the same problem.
@hectorj2f Sure. Will close this one