# general
a
Hey there I am getting this error when trying to add a node to the cluster
```
Feb 15 00:56:06 node1 rancher-system-agent[2960]: time="2025-02-15T00:56:06Z" level=fatal msg="error while connecting to Kubernetes cluster: Get \"https://<domain>/version\": tls: failed to verify certificate: x509: certificate signed by unknown authority"
```
The panel is behind an nginx proxy with the following configuration
```
server_name <domain>;
ssl_certificate /etc/letsencrypt/live/npm-8/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/npm-8/privkey.pem;

set $connection_upgrade "Upgrade";
if ($http_upgrade = "") {
    set $connection_upgrade "close";
}

location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-SSL on;
    proxy_pass http://rancher:80;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    # This allows the ability for the execute shell window to remain open for up to 15 minutes. Without this parameter, the default is 1 minute and will automatically close.
    proxy_read_timeout 900s;
    proxy_buffering off;
}
```
If I run with no reverse proxy and try to register with http://ip:1443 it works fine. Any idea why this happens and how to fix it?
c
your nginx reverse proxy has a cert that isn’t trusted by rancher. Follow the documented steps to configure the cert you’re using for rancher.
a
the cert is issued by let's encrypt
isn't let's encrypt a trusted ca for rancher?
c
no. rancher pins the SPECIFIC cert of the rancher manager instance to prevent mitm attacks on downstream cluster nodes. Check the docs.
a
I see, thank you