K
Q

nginx ingress - unexpected error generating SSL certificate with full intermediate chain CA certs: Invalid certificate

1/29/2018

I am running nginx ingress on my kubernetes 1.9 cluster. Using internal singed certificate for the application URL, I have include root & intermediate certificate part of the TLS secretes.

From my nginx log file, I see this message frequently.

backend_ssl.go:139] unexpected error generating SSL certificate with full intermediate chain CA certs: Invalid certificate.

How to get more details about this error message?

error message:

E0129 01:11:39.582118       7 backend_ssl.go:139] unexpected error generating SSL certificate with full intermediate chain CA certs: Invalid certificate.
E0129 01:11:39.582689       7 backend_ssl.go:139] unexpected error generating SSL certificate with full intermediate chain CA certs: Invalid certificate.
E0129 01:11:39.583031       7 backend_ssl.go:139] unexpected error generating SSL certificate with full intermediate chain CA certs: Invalid certificate.
E0129 01:11:39.583308       7 backend_ssl.go:139] unexpected error generating SSL certificate with full intermediate chain CA certs: Invalid certificate.
-- sfgroups
kubernetes
nginx
ssl

Similar Questions

How should a React + Node.js app be split into containers/pods for Kubernetes?
RabbitMQ application stops when another node in cluster is shutdown
running modified Dockerfile on kubernetes with GCP
How to install Prometheus with ingress enabled on AWS with Route 53?

1 Answer

4/27/2018

Some certificates don't support it. You need to set --enable-ssl-chain-completion = false . Then it stops

-- Ahmet
Source: StackOverflow