https://rancher.com/ logo
#general
Title
# general
c

creamy-accountant-88363

12/12/2022, 7:46 PM
What is the use of the
tls-rancher-internal-ca
secret and the
/cacerts
endpoint? I have noticed when using Rancher with a private CA, this secret has a "dynamiclistener" Rancher-generated secret, instead of the user provided TLS CA + Key. This can cause an issue if you're using RKE2, since the RKE2 provisioning jobs will check the
/cacerts
endpoint, get the invalid CA, and fail. Manually updating the
tls-rancher-internal-ca
secret will fix this issue if you're using private CA as a workaround. Any thoughts? Thanks. FYI I am using Rancher 2.6.8, with the Rancher helm chart.
32 Views