rancher icon indicating copy to clipboard operation
rancher copied to clipboard

Published 20 hours ago verified publisher icon rancher

[BUG] Manager in Docker with Enterprise proxy error : "x509: certificate signed by unknown authority" in Apps/Charts

Open dominiquefournier opened this issue 1 year ago • 0 comments

Rancher Server Setup Rancher v2.8.2 (Installed by Docker) Dashboard v2.8.0 Helm v2.16.8-rancher2 Machine v0.15.0-rancher106

  • Proxy/Cert Details: Entreprise proxy is squid, with SSL Bump or not (both provide the same error)

Information about the Cluster

  • Kubernetes version: v1.29.1 +k3s2
  • Cluster Type (Local/Downstream): Downstream
    • If downstream, what type of cluster? (Custom/Imported or specify provider for Hosted/Infrastructure Provider): Imported

User Information

  • What is the role of the user logged in? (Admin/Cluster Owner/Cluster Member/Project Owner/Project Member/Custom) Admin

Describe the bug Rancher Manager launched from Docker with an Entreprise proxy do not display the Apps/Charts correctly. In the firefox logs, there is the error

{"type":"error","links":{},"code":"ServerError","message":"Get \"https://docs.ondat.io/images/generic/Ondat_logo.svg\": tls: failed to verify certificate: x509: certificate signed by unknown authority","status":500,"type":"error"} And the images are not displayed correectely. All the apps are not displayed (like Monitoring), and can not be installed.

To Reproduce Create a docker-compose.yml containing :

version: '3'

services:
  rancher:
    image: rancher/rancher:latest
    restart: unless-stopped
    ports:
    - "7443:443"
    volumes:
    - rancher-data:/var/lib/rancher
    - /docker/Rancher/certs:/container/certs
    - /var/log/rancher/auditlog:/var/log/auditlog
    privileged: true
    environment:
    - SSL_CERT_DIR=/container/certs
    - AUDIT_LEVEL=1

volumes:
  rancher-data:

Add the certificate of the proxy in /docker/Rancher/certs directory Start with docker-compose up -d

I also add the HTTP_PROXY,HTTPS_PROXY,NO_PROXY parameters without luck

Result Capture d'écran-2024-02-23 16:44:57

Expected Result Display the images of the software on top, and display correctly all the available apps on the repository (like Monitoring)

Used documentations https://ranchermanager.docs.rancher.com/reference-guides/single-node-rancher-in-docker/advanced-options#custom-ca-certificate https://ranchermanager.docs.rancher.com/reference-guides/single-node-rancher-in-docker/advanced-options

dominiquefournier avatar Feb 23 '24 15:02 dominiquefournier