Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

failed to verify certificate: x509: “*.s3.eu-central-1.amazonaws.com” certificate is not standards compliant #17337

Closed
Imafikus opened this issue Apr 3, 2025 · 1 comment
Closed

failed to verify certificate: x509: “*.s3.eu-central-1.amazonaws.com” certificate is not standards compliant #17337

Imafikus opened this issue Apr 3, 2025 · 1 comment
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@Imafikus
Copy link

Imafikus commented Apr 3, 2025
edited
Loading

/kind bug

1. What kops version are you running? The command kops version, will display
this information.

1.30.1

2. What Kubernetes version are you running? kubectl version will print the
version if a cluster is running or provide the Kubernetes version specified as
a kops flag.

1.31.3

3. What cloud provider are you using?

Hetzner with state bucket hosted on AWS

4. What commands did you run? What is the simplest way to reproduce this issue?

export HCLOUD_TOKEN=""
export S3_ACCESS_KEY_ID=""
export S3_SECRET_ACCESS_KEY=""
export KOPS_STATE_STORE=""
export S3_ENDPOINT=""
export S3_REGION=""

kops export kubeconfig my.cluster.k8s.local --admin

5. What happened after the commands executed?

Error described in the 8. question

6. What did you expect to happen?

To successfully log in to cluster

7. Please provide your cluster manifest. Execute
kops get --name my.example.com -o yaml to display your cluster manifest.
You may want to remove your cluster name and other sensitive information.



8. Please run the commands with most verbose logging by adding the -v 10 flag.

Paste the logs into this report, or in a gist and provide the gist link here.


I0403 19:55:37.847047    9220 factory.go:82] state store s3://nm-kops-cluster-state

I0403 19:55:37.848099    9220 s3context.go:106] Found S3_ENDPOINT="https://s3.eu-central-1.amazonaws.com/", using as non-AWS S3 backend

I0403 19:55:37.849055    9220 s3fs.go:385] Reading file "s3://nm-kops-cluster-state/fsn1-production.notify-me.k8s.local/config"

Error: error reading cluster configuration: error reading cluster configuration "fsn1-production.notify-me.k8s.local": error reading s3://nm-kops-cluster-state/fsn1-production.notify-me.k8s.local/config: error fetching s3://nm-kops-cluster-state/fsn1-production.notify-me.k8s.local/config: operation error S3: GetObject, exceeded maximum number of attempts, 3, https response error StatusCode: 0, RequestID: , HostID: , request send failed, Get "https://s3.eu-central-1.amazonaws.com/nm-kops-cluster-state/fsn1-production.notify-me.k8s.local/config?x-id=GetObject": tls: failed to verify certificate: x509: “*.s3.eu-central-1.amazonaws.com” certificate is not standards compliant

Disconnect completedError: rpc error: code = Unknown desc = failed to get configmap kubevpn-traffic-manager, err: Unauthorized


9. Anything else do we need to know?


Started happening yesterday, reason unknown

      		
    

      
  





        

            


            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @k8s-ci-robot
k8s-ci-robot




          added
  the 

  kind/bug

  Categorizes issue or PR as related to a bug.
 label


      Apr 3, 2025

    

  








      

  
      



  

  @Imafikus





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

      

      
            Imafikus
  

      

      

      commented


        Apr 5, 2025


      
    


  





      


        


  
    

      
          
Magically solved by reinstalling kops. Steps I took:


brew uninstall kops 

brew install kops

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
            

    

      
    

    


      

          @Imafikus
Imafikus




            closed this as completed


      Apr 5, 2025

    

  


    











  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    kind/bug

  Categorizes issue or PR as related to a bug.








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
    

    Development
  




            
    
No branches or pull requests







      
    

  




      

    

  
      

  

    

      2 participants
    

    

        
          @k8s-ci-robot 
        
          @Imafikus