15 Nov 2023 01:40 PM - edited 15 Nov 2023 01:40 PM
Hi Folks,
FYI. We have faced an issue at many custormers with Dynatrace Operator. We have received ActiveGate token expiring error at containerized AGs. (Fullstack - Managed)
Operator log:
{"error":"getting reference \"XXXXXXXXXXXXXX/linux/activegate:latest\": Get \"https://XXXXXXXXXXXXX/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown authority","level":"error","logger":"dynakube","msg":"error reconciling DynaKube","name":"dynakube","namespace":"dynatrace","stacktrace":"Get \"https://XXXXXXXXXXXXXXXXX/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown authority
4 hours ago Dynatrace Operator version 0.14.2 released on GITHUB. I hope it will be reached soon via RHEL channel and there will be an official documenatation about it.
Best regards,
Mizső
Solved! Go to Solution.
15 Nov 2023 01:53 PM
Hi @Mizső
I also had a similar problem on several environments late last week. The log entry was the same and new certificates had to be generated on the client environment side.
However, I do not know if this is a 1 to 1 problem.
Radek
15 Nov 2023 01:59 PM - edited 15 Nov 2023 05:57 PM
Hi @radek_jasinski ,
Thanks for the information. Do you refer to the operator token (former api token)?
Access tokens and permissions - Dynatrace Docs
Thanks in advance.
Best regards,
Mizső
16 Nov 2023 12:13 PM
The situation on my client's environment was such that I had to, as I mentioned, generate new certificates (because the client uses its own) and re-generate access tokens. This was happening on a Managed environment.
16 Nov 2023 12:26 PM
Thanks @radek_jasinski, I am going to try it... 😉
20 Nov 2023 11:34 AM - edited 20 Nov 2023 11:35 AM
Hi Folks,
The problem was:
{"error":"getting reference \"dynatracexxxxxxxxx.hu/linux/activegate:latest\": Get \"https://dynatracexxxxxxxxxx.hu/v2/\": tls: failed to verify certificate: x509: certificate signed by unknown authority"
The solution was:
Creating a config map about the managed DT server cert in the dynatrace project:
Change the dynkube yaml ( skipCertCheck change from true to false and add trustedCAs entry with the above created configmap value) and reload it in the dynatrace project:
I hope it helps.
Best regards,
Mizső
20 Nov 2023 11:36 AM
Thank you for sharing this information:)
23 Jul 2024 09:55 PM
Do you know how can fix this same but in GCP?
28 Jul 2024 07:21 PM
Hi @Jorge-salinas,
Do you use SaaS Dynatrace form GCP?
Best regards,
Mizső
31 Jul 2024 04:32 PM
Yes, I´m trying deploy in GCP GKE