Unable to connect to the server: tls: failed to verify certificate: x509: certificate signed by unknown authority

UNIX for Advanced & Expert Users
1

curl --insecure -sfL https://127.0.0.1:443/v3/import/vpfc2l4wsmlwc6vkcsnsffxlc64f92j77vqnslz4dhqkkcw5vjh5v5_c-m-4txrswkt.yaml | kubectl apply -f -

Gives me the above output.

I am trying to install rancher and k3s. I want k3s that I make in my application server in linux be seen on rancher gui in website(localhost).

image
image982×501 21.8 KB

I am doing everything as per the instruction. But facing tons of issues.

I know the problem lies in the ~/.kube/config file which is as belows. And it lies in the certificate part. But I am not aware how do I fix it.

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTURZME5USXdOVE13SGhjTk1qUXdNVEk0TVRReU56TXpXaGNOTXpRd01USTFNVFF5TnpNegpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTURZME5USXdOVE13V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUeGViV2o0eXlNSE5NSlgwWU5Sb1lqaHRvMnU5STdTbWZLR2YrNVdoS3oKTDRlMnFxQUpPQi9DcFd0aXpJd3FDc3lMNEtLVE1keTFQV2xhQ3Zobm5GNEhvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTRDaFhsNVVvc3EvWXlFd3BHZ1JOClluditJdVF3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUxnNmJ3TzltdVNyejA1eU5vUVBTcTdIT3RGeU4yeEMKMWlSaFFSUHAwdlpUQWlBZyt2QXBiZDhsMmNmNGtHajdOMzc4QlpsRjgrTWxhUFFiWVlmanoyZE9hZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    server: https://127.0.0.1:443
  name: default
contexts:
- context:
    cluster: default
    user: default
  name: default
current-context: default
kind: Config
preferences: {}
users:
- name: default
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJQnVtMUtJVUpyYUF3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOekEyTkRVeU1EVXpNQjRYRFRJME1ERXlPREUwTWpjek0xb1hEVEkxTURFeQpOekUwTWpjek0xb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJJQ21YWHQyM3B3d0NETm8KUFNJTFJ1VGRlOUR4QTZENGZhN0N5ZFVEN0xMNU03a3EzOFcvZEc1WnZXcWRjK2JKUFdqU1NuYVoxU3NuNlltUQp2YWQvbThPalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUW8weU1raTBaRUQ0bWd0eitJMGxQUTlBTWtyVEFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlCMG5WQzdYc0FqMmY5cTllaXhOZlY4VnM1eHE0Rm1GdEZ4dHczejkzREFSZ0loQUlUUmMrVWo3RGZ5RmVCQQp3WGRrM0RXcnpRQ3ArUURzaVNuQ0g3V1lJYlZvCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTURZME5USXdOVE13SGhjTk1qUXdNVEk0TVRReU56TXpXaGNOTXpRd01USTFNVFF5TnpNegpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTURZME5USXdOVE13V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFTRzhxV292WFVqTUttSGgvanovaXh1d0NOdXliek9SaVppR3AyOWd5ZVYKSmdTVEQxWWt3R0lIbzJwWkIwWWJ0WXFmZi9LZStaYWVEdlR6U2NLRGYwMzlvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVUtOTWpKSXRHUkErSm9MYy9pTkpUCjBQUURKSzB3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQVBOMjlHa2hNdm5NY3VyOU1ZM05UajFONUFBWmR5cnMKQ3RrV3NQc0dsUE1SQWlFQW5lN0hQeC9WRDZLa3ZqT3hBL3dFRlZVMGs4elROeVhLdXVaZlJDQTc5QUk9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU82NmJKWVJZOWhsY0dQZkRlTkxrQlBtQzc2NW9lVFpiQkRIa3pCcHV1RlpvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFZ0taZGUzYmVuREFJTTJnOUlndEc1TjE3MFBFRG9QaDlyc0xKMVFQc3N2a3p1U3JmeGI5MApibG05YXAxejVzazlhTkpLZHBuVkt5ZnBpWkM5cDMrYnd3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=

This answer on SO suggested to make a cert file and put it there, but there are two certificates listed by this and I am not aware how do I combine them in a single file.

openssl s_client -showcerts -connect localhost:443

-----BEGIN CERTIFICATE-----
MIIB4jCCAYigAwIBAgIIKYUZ2mPeKxswCgYIKoZIzj0EAwIwRjEcMBoGA1UEChMT
ZHluYW1pY2xpc3RlbmVyLW9yZzEmMCQGA1UEAwwdZHluYW1pY2xpc3RlbmVyLWNh
QDE3MDY0NjIzMjEwHhcNMjQwMTI4MTcxODQxWhcNMjUwMTI3MTgwMzQ1WjAkMRAw
DgYDVQQKEwdkeW5hbWljMRAwDgYDVQQDEwdkeW5hbWljMFkwEwYHKoZIzj0CAQYI
KoZIzj0DAQcDQgAE84dFlhMAXB0jI5GuQap+iwWb9d+GQSAbZXWnXaxBqrRk83VR
75MXF9w8IANaK/oAARNkTR+/cOQXOVY6gTgPRKOBgTB/MA4GA1UdDwEB/wQEAwIF
oDATBgNVHSUEDDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBTm3b6UNB0O6Vd2WpAE
OFnqC6yh2jA3BgNVHREEMDAugglsb2NhbGhvc3SCFXJhbmNoZXIuY2F0dGxlLXN5
c3RlbYcEfwAAAYcErBEAAjAKBggqhkjOPQQDAgNIADBFAiEAznhLUGR0gKXM1geW
TTeUCCBMo2taK5KpyW0n6R4Ska0CIB6dVObIQozAHdyrXtXZ/2rdogTJKfFmIXx2
hgHYKoxP
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIBvTCCAWOgAwIBAgIBADAKBggqhkjOPQQDAjBGMRwwGgYDVQQKExNkeW5hbWlj
bGlzdGVuZXItb3JnMSYwJAYDVQQDDB1keW5hbWljbGlzdGVuZXItY2FAMTcwNjQ2
MjMyMTAeFw0yNDAxMjgxNzE4NDFaFw0zNDAxMjUxNzE4NDFaMEYxHDAaBgNVBAoT
E2R5bmFtaWNsaXN0ZW5lci1vcmcxJjAkBgNVBAMMHWR5bmFtaWNsaXN0ZW5lci1j
YUAxNzA2NDYyMzIxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtQKcIsQs3ZV4
SjDAv/MF2M5sbtb5Z80hSVFHWa6U1qx6LhHZM64rsx9JHYvbpKaX/OmZQCq2mFu5
KgpIzhpE/6NCMEAwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB/wQFMAMBAf8wHQYD
VR0OBBYEFObdvpQ0HQ7pV3ZakAQ4WeoLrKHaMAoGCCqGSM49BAMCA0gAMEUCIBrj
W7whhx0wueuOOsW4DKPALMvvxjrfdD0Ee5WrW1fOAiEA6lQg8HihtHyXF9OmJEiv
x+iz7MY1As/JImOfxevq+bE=
-----END CERTIFICATE-----
2

[root@w1 .kube]# kubectl apply -f https://127.0.0.1:443/v3/import/vpfc2l4wsmlwc6vkcsnsffxlc64f92j77vqnslz4dhqkkcw5vjh5v5_c-m-4txrswkt.yaml --insecure-skip-tls-verify=true
When I try to ignore the ssl cert, I get
Error from server (NotFound): the server could not find the requested resource