Hello some one had problems integrating Dynatrace with Openshift 4.2 with TLS errors. Presenting this the following message in UI and logs,
The integration work Ok with API Token and Bearer Token ,without Certification enable.
When try to enable this is observed Red Error and this entry on log
2020-04-01 13:38:38 UTC INFO [<tenant> ] [KubernetesFastCheck] Fast check failed for endpoint https://api.xxx..xxx.com:443/api with SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target [Suppressing further identical messages for 3600000 ms]
Apparently the OCP side certificate (.pem) does not present API URI.
Has anyone working this integration with Certificate OK ? Thank you!
Solved! Go to Solution.
The bearer token is invalid and the request has been rejected by the Kubernetes API. Verify the bearer token. Make sure it doesn't contain any whitespaces. If you're connecting to a Kubernetes cluster API via a centralized external role-based access control (RBAC) consult the documentation of the Kubernetes cluster manager.
Thanks Daniel this configuration was used from beginning but the trouble detected is into
.PEM generated from OCP Cluster .
echo Q | openssl s_client -connect google.com:443 | openssl x509 -outform PEM > dt_k8s_api.pem
This may be not deliver CN and SAM fields with information valid (API hostname and IP ),only seen DNS IP..
My questions if only is somebody has same difficult.
Thanks in advance