Unable to deploy Teleport: Get "https://teleport.domain.intern:443/webapi/find": tls: failed to verify certificate: x509: certificate is not valid for any names, but wanted to match teleport.domain.intern
#50539
-
Installation Cmd:
prod-cluster-values.yaml:
Error Log:
I have the teleport cluster behind an nginx proxy. Everything works normal and I can access everything from web-ui and from tsh except for registering an self hosted kubernetes cluster. Some month ago we already bind the same cluster and it works without any problems. Now suddenly some weeks ago, the connection failed with the same error message. We updated teleport, linux and kubernetes but nothing resolves the error. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
Where did your TLS certificate on You can check with $ echo "" | openssl s_client -connect teleport.example.com:443 -showcerts 2>/dev/null | openssl x509 -noout -text | grep -A1 "Subject Alternative Name"
X509v3 Subject Alternative Name:
DNS:*.teleport.example.com, DNS:teleport.example.com Alternatively, your nginx proxy may be misconfigured and your agent is failing to tunnel to the Teleport auth service through it. Can you share your nginx config? |
Beta Was this translation helpful? Give feedback.
We have identified the issue, and it turns out it was on our server provider's side. It seems they misconfigured their DNS, which prevented TLS certificates from being validated.
So, to clarify, this was not an issue with Teleport itself.
I'm Sorry to bother you guys with this ticket, I'm going to close it now.