12/16/2022, 2:23 PM
Hi Everyone, I'm having some issues with my downstreams clusters on RKE2. When I deploy any downstream cluster from Rancher (v2.6.8) GUI, the deploy stucks and the provisioning log tab shows this: [ERROR] Failed to set up SSH tunneling for host []: Can't retrieve Docker Info: error during connect. I accessed the cluster (In this case just for testing pupouse is a one node cluster doing control plane, worker and etcd) via ssh and do a "docker ps" and a "docker logs". This logs show: time="2022-12-16T135509Z" level=error msg="Issuer of last certificate found in chain (CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB) does not match with CA certificate Issuer (CN=dynamiclistener-ca@1662989077,O=dynamiclistener-org). Please check if the configured server certificate contains all needed intermediate certificates and make sure they are in the correct order (server certificate first, intermediates after)" time="2022-12-16T135509Z" level=fatal msg="Server certificate is not valid, please check if the host has the correct time configured and if the server certificate has a notAfter date and time in the future. Certificate information is displayed above. error: Get \"\": x509: certificate has expired or is not yet valid: current time 2022-12-16T135509Z is after 2022-11-26T235959Z" I am running Rancher in HA cluster with HAProxy in front of it. The downstream cluster creates VMs in VMware architecture and they all stuck at this point. I know that is a certificate issue but I don't know where I can find o replace that certificate. I will appreciate any kind of help. I'm trying to solve this issue since long time.