This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
Container platforms
Questions about Kubernetes, OpenShift, Docker, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Fix x509 Certificate Validation Errors in Dynatrace Kubernetes Monitoring

Go to solution
yuesong_teh
Participant

‎10 Oct 2025 12:08 PM - last edited on ‎22 Jan 2026 08:38 AM by Community Team

Summary: This thread explains why x509 certificate validation errors occur in Dynatrace–Kubernetes integrations and how to resolve them.



Hi All,

I am facing this issue when trying to download both AG & OA images.
We have an architecture where Kubernetes is on-prem, which has no direct connection to Dynatrace SaaS, and we also have an on-prem AG that can connect to Dynatrace SaaS.

What we had modified is setting the apiURL to point to on-prem AG and some other modifications:
- skipCertCheck is true
- Try to configure trustedCA (but this might not be applicable as the current issue is that the AG cert doesn't contain any IP SAN, which is different from the common one, where they facedan  issue of a certificate signed by an unknown authority)

Current workaround is getting image from private registry, which we would not like to go with this option as it is hard to maintain those images and yeah the version update (not considering CICD pipeline to update image for now)

Hence would like to seek advice on solving this matter.

Thanks.

Labels:
0 Kudos
Reply
1 REPLY 1

Go to solution
Julius_Loman
DynaMight Legend
DynaMight Legend

‎26 Oct 2025 02:48 PM

This setup won't work as you need to set up DynaKube against the Dynatrace environment. The Docker registry is available on the cluster only. While the Dynatrace API is also available through the Environment ActiveGate, the Docker repository is not. I don't think this scenario of connecting DynaKube to Environement AG is even supported.

If you are not allowed to pull images from public repositories, then pushing them to your private registry is the only option. It's less complicated than it sounds.

Dynatrace Ambassador | Alanata a.s., Slovakia, Dynatrace Master Partner
0 Kudos
Reply
Ask a question

Featured Posts