cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

self-signed Kubernetes certificate for cluster - ignore certificate validation

rswarnka
Helper

Hi there, To make cluster connect with Kubernetes, I'm trying to import the public certificate to trust stores in AGs. But I keep getting below error:

PS E:\Program Files\dynatrace\gateway\jre\bin> ./keytool.exe -import -file "E:/cert/aks-prod.pem" -alias aksweuprod -keystore "C:/ProgramData/dynatrace/gateway/ssl/trusted.jks"
Enter keystore password: 
keytool error: java.lang.Exception: Input not an X.509 certificate

 

Got to know that kubernete's certificate is self-signed hence the reason.

What is the security impact of disabling the certificate validation (referring to screenshot)?

1 REPLY 1

ChadTurner
Guru

FYI this will be a requirement in the near future, Id you can always enable it but then set it to false in the config file as well. But id reach out to support to double check on this and the impacts of it turned on/off

-Chad