NET::ERR_CERT_AUTHORITY_INVALID using wildcard in kubernetes

mcordova · May 27, 2021, 6:59pm

Hi, I'm getting the warning above when I try to acces via browser to my site, I have a few environments using the same domain and I have an Ingress for the each subdomain routing.

I'm starting to try the Let's Encrypt certs using cert-manager but is not working for me, I checked the certificate and is correctly issued but I'm still getting the error.

Thanks in advance!!

My domain is:
https://app.stage.nebulainsurancecloudengine.com/

I ran this command:
Try to access the url using Google Chrome

It produced this output:
NET::ERR_CERT_AUTHORITY_INVALID

My web server is (include version):
Kubernetes 1.19.9

My hosting provider, if applicable, is:
Google Cloud

I can login to a root shell on my machine (yes or no, or I don't know):
yes

rg305 · May 27, 2021, 9:11pm

Hi @mcordova, and welcome to the LE community forum

It doesn't seem to be using the correct cert:
SSL Server Test: app.stage.nebulainsurancecloudengine.com (Powered by Qualys SSL Labs)

And the wildcard that is seen at that IP was issued to a shorter path:
*.nebulainsurancecloudengine.com
which won't overlap the period found in "app.stage" and can't match that name.
[for that you would need a wildcard for: *.stage.nebulainsurancecloudengine.com]
[or change the name to: app-stage.nebulainsurancecloudengine.com]

system · June 26, 2021, 9:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.