K
Q

Kubernetes dashboard renew SSL certificates

10/11/2019

At the moment my kubernetes dashboard shows me that my session in insecure. I have updated the path at with I keep the dashboard certs (/root/certs/) and I need to know how to get kubernetes to use them.

I have tried to:

  • Delete the secret kubernetes-dashboard-certs which deletes that secret successfully.
  • Add my new dashboard.crt & dashboard.key to /root/certs/ (readable by all)
  • Created the secret again with kubectl create secret generic kubernetes-dashboard-certs --from-file=/root/certs -n kubernetes
  • Logged into dashboard and it still shows insecure (because the SSL cert is not being updated)
-- aphexlog
kubernetes
kubernetes-dashboard
ssl

Similar Questions

How can I copy data from a bound persistent volume?
how to pass --packages to spark-submit in Kubernetes managed cluster?
Pods of job get killed because of propagation of object cache
How to assign equal deployments across multiple nodes

1 Answer

10/14/2019

Have you created authentication token (RBAC)? You can get more information from here.

Try to regenerate your cluster certificates, check documentation. If you used kubeadm then from control plane node you can run:

$ kubeadm alpha certs renew

Also what can be helpful is to restart apiserver:

user@test-calico:~$ sudo docker ps -a | grep apiserver
834ed10cbce3        5eb2d3fc7a44                   "kube-apiserver --ad…"   4 weeks ago         Up 4 weeks                                      k8s_kube-apiserver_kube-apiserver-test-calico_kube-system_019eaca18f2defc3759027d8220b3451_0
87c22315ce21        k8s.gcr.io/pause:3.1           "/pause"                 4 weeks ago         Up 4 weeks                                      k8s_POD_kube-apiserver-test-calico_kube-system_019eaca18f2defc3759027d8220b3451_0

$ sudo docker restart 834ed10cbce3

Please refer to following post Kubernetes: expired certificate.

-- muscat
Source: StackOverflow