K
Q

Accessing Kubernetes / Kubernetes API using KubernetesDotNet

8/31/2018

I'm running a webAPI application that is actually using KubernetesDotNet [or other clients] to connect to a remote Kubernetes cluster API.

Locally is working, but once I publish in the server I started receiving

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel

The connection is stablished reading a .pfx file.

IKubernetesClient k8sClient = new SslClientConfiguration
{
    ClusterUri = new Uri(
                        "https://remotekubernetes.hcp.eastus.azmk8s.io"),
    Certificate = new X509Certificate2(
        HostingEnvironment.ApplicationPhysicalPath + "certificate.pfx",
                    "12345608765422", 
                    X509KeyStorageFlags.UserKeySet)
}.CreateClient( AuthType.SSLAuth);

That cert I get it using the .kube/config file information, nevertheless I have also tested locally this

IKubernetesClient k8sClient = new KubeConfigClientConfiguration(
    HostingEnvironment.ApplicationPhysicalPath + "config"
    ).CreateClient(AuthType.SSLAuth);

Accessing a copy of the .kube/config and is also working fine.

The thing is that once I publish the webApi application I start receiving the SSL errors.

How to fix this?

-- JuanK
asp.net-web-api
kubernetes
kubernetes-security
ssl
x509certificate

Similar Questions

Kubernetes - Trigger a rebalancing of pods
Is a SharedIndexInformer's Indexer's ThreadSafeStore ever emptied?
Creating custom kubernetes cli
Apache flink on Kubernetes - Resume job if jobmanager crashes
Why am I not seeing the worker node in my cluster?
SSL handshake failed in Kafka broker
Accessing an external InfluxDb Database from a microk8s pod using selectorless service and manual endpoint?

0 Answers