This message was deleted.
# rancher-desktop
a
This message was deleted.
w
didn't provide where you are getting self-signed or what platform you are on, but you can poke at https://github.com/rancher-sandbox/rancher-desktop/issues/5165. Should source all the trusted CAs from your keychain/windows cert manager
p
Sorry I'm using Windows and not MacOS. I got this error on the "k8s" log file on AppData.
w
so RD should do the same thing won windows w CAs from cred manager, but any more specifics in the k8s log?
p
2024-11-25T135529.073Z: Updating release version cache with 0 items in cache 2024-11-25T135542.963Z: updateCache: error: FetchError: request to https://update.k3s.io/v1-release/channels failed, reason: self signed certificate in certificate chain
It can't download k3s versions because Zscaler is rewriting the certificate and Rancher Desktop doesn't trust it
w
ok so thats a fetch call
did you try adding your internal CA cert via NODE_EXTRA_CA_CERTS?
p
But I don't have any problem with my Browser, that's why I try to add custom CA. I'll try it, I have to understand how it works on Windows, I just have to setup the environment variable and relaunch RD right?
w
the https agent should still have all the CAs from cred manager and if it was missing you would see a ton of errors in browsers etc
yup just add it to your User Env and quit and relaunch RD and see if things improve. I will see if i can find where the RD team do the cred manager pull in the code
p
Thank you, I'm trying, I'll let you know
p
My OS is in French but all CA are in "Trusted Root Certification Authorities" on Local Computer
👍 1
NODE_EXTRA_CA_CERTS not seems to work, I tried NODE_TLS_REJECT_UNAUTHORIZED too but no more luck...
w
may be best to open an Issue on the repo. feels like the CA store is not being read correctly. i am in the same boat w TLS interception and no issues, but may be more subtle
p
I made it work. I had to launch Rancher Desktop with command line after setting the env variable : PS C:\temp> $env:NODE_TLS_REJECT_UNAUTHORIZED=0 PS C:\temp> & 'C:\Program Files\Rancher Desktop\Rancher Desktop.exe'
I still have problems being behind a proxy but I passed this step
w
so i would double check you hit OK after adding it to the User env as it seems like it didn't "stick"
p
In fact, I think it's useless, I should better dig with the Air Gapped Installation
w
you can check $env or hit
set
and see those in a new window
yeah if your admins are blocking routes than yeah can't really fix that. best to go airgap
102 Views