How to make minikube server tls-curlable? Announcing the arrival of Valued Associate #679:...

Do I really need to have a message in a novel to appeal to readers?

Crossing US/Canada Border for less than 24 hours

Does the Mueller report show a conspiracy between Russia and the Trump Campaign?

As Singapore Airlines (Krisflyer) Gold, can I bring my family into the lounge on a domestic Virgin Australia flight?

Dynamic filling of a region of a polar plot

Should a wizard buy fine inks every time he want to copy spells into his spellbook?

What to do with repeated rejections for phd position

Why do aircraft stall warning systems use angle-of-attack vanes rather than detecting airflow separation directly?

Time evolution of a Gaussian wave packet, why convert to k-space?

AppleTVs create a chatty alternate WiFi network

Is multiple magic items in one inherently imbalanced?

How to write capital alpha?

How were pictures turned from film to a big picture in a picture frame before digital scanning?

How many time has Arya actually used Needle?

How does Belgium enforce obligatory attendance in elections?

Do wooden building fires get hotter than 600°C?

One-one communication

How can I prevent/balance waiting and turtling as a response to cooldown mechanics

What order were files/directories output in dir?

Can a sorcerer use careful spell on himself?

Did Mueller's report provide an evidentiary basis for the claim of Russian govt election interference via social media?

How long can equipment go unused before powering up runs the risk of damage?

How does light 'choose' between wave and particle behaviour?

Drawing spherical mirrors



How to make minikube server tls-curlable?



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern)Free SMTP server with TLS supportEncrypt rsync using TLSPostfix TLS configurationTLS on exchangeTLS negotiation hangsTLS module in ProFTPDproftpd - Insecure server, it does not support FTP over TLSHow to disable TLS 1.0 on a linux server?ESXI TLS configurationiredmail TLS library error





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















I am following a tutorial to implement hyperledger fabric in kubernetes by setting up a minikube server in a kvm2 virtual machine while on an Ubuntu 18.04. base operating system. At some point I need to



curl https://dubi/cainfo ,


where dubi is a host defined in /etc/hosts and pointing to the minikube server's IP, but I get following error:



curl: (60) SSL certificate problem: unable to get local issuer certificate


When doing



curl https://dubi/cainfo -k ,


it works as intended and I can see a certificate. I was wondering if there is a way to make the minikube server tls-callable?



What I tried so far is to write an extension for the kubernetes service running in minikube:



apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mock-server
spec:
tls:
- secretName: dubi-tls
hosts:
- dubi
rules:
- host: dubi
http:
paths:
- path: /
backend:
serviceName: kubernetes
servicePort: 443 ,


create a tls key with



openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout dubi.key -out dubi.crt -subj "/CN=dubi" -days 365,


and



kubectl apply -f kubernetes.yaml.



Unfortunately, that does not work, I still get the error mentioned above.
Are there any errors in what I tried to do or is there a better and working way to do this?










share|improve this question































    0















    I am following a tutorial to implement hyperledger fabric in kubernetes by setting up a minikube server in a kvm2 virtual machine while on an Ubuntu 18.04. base operating system. At some point I need to



    curl https://dubi/cainfo ,


    where dubi is a host defined in /etc/hosts and pointing to the minikube server's IP, but I get following error:



    curl: (60) SSL certificate problem: unable to get local issuer certificate


    When doing



    curl https://dubi/cainfo -k ,


    it works as intended and I can see a certificate. I was wondering if there is a way to make the minikube server tls-callable?



    What I tried so far is to write an extension for the kubernetes service running in minikube:



    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
    name: mock-server
    spec:
    tls:
    - secretName: dubi-tls
    hosts:
    - dubi
    rules:
    - host: dubi
    http:
    paths:
    - path: /
    backend:
    serviceName: kubernetes
    servicePort: 443 ,


    create a tls key with



    openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout dubi.key -out dubi.crt -subj "/CN=dubi" -days 365,


    and



    kubectl apply -f kubernetes.yaml.



    Unfortunately, that does not work, I still get the error mentioned above.
    Are there any errors in what I tried to do or is there a better and working way to do this?










    share|improve this question



























      0












      0








      0








      I am following a tutorial to implement hyperledger fabric in kubernetes by setting up a minikube server in a kvm2 virtual machine while on an Ubuntu 18.04. base operating system. At some point I need to



      curl https://dubi/cainfo ,


      where dubi is a host defined in /etc/hosts and pointing to the minikube server's IP, but I get following error:



      curl: (60) SSL certificate problem: unable to get local issuer certificate


      When doing



      curl https://dubi/cainfo -k ,


      it works as intended and I can see a certificate. I was wondering if there is a way to make the minikube server tls-callable?



      What I tried so far is to write an extension for the kubernetes service running in minikube:



      apiVersion: extensions/v1beta1
      kind: Ingress
      metadata:
      name: mock-server
      spec:
      tls:
      - secretName: dubi-tls
      hosts:
      - dubi
      rules:
      - host: dubi
      http:
      paths:
      - path: /
      backend:
      serviceName: kubernetes
      servicePort: 443 ,


      create a tls key with



      openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout dubi.key -out dubi.crt -subj "/CN=dubi" -days 365,


      and



      kubectl apply -f kubernetes.yaml.



      Unfortunately, that does not work, I still get the error mentioned above.
      Are there any errors in what I tried to do or is there a better and working way to do this?










      share|improve this question
















      I am following a tutorial to implement hyperledger fabric in kubernetes by setting up a minikube server in a kvm2 virtual machine while on an Ubuntu 18.04. base operating system. At some point I need to



      curl https://dubi/cainfo ,


      where dubi is a host defined in /etc/hosts and pointing to the minikube server's IP, but I get following error:



      curl: (60) SSL certificate problem: unable to get local issuer certificate


      When doing



      curl https://dubi/cainfo -k ,


      it works as intended and I can see a certificate. I was wondering if there is a way to make the minikube server tls-callable?



      What I tried so far is to write an extension for the kubernetes service running in minikube:



      apiVersion: extensions/v1beta1
      kind: Ingress
      metadata:
      name: mock-server
      spec:
      tls:
      - secretName: dubi-tls
      hosts:
      - dubi
      rules:
      - host: dubi
      http:
      paths:
      - path: /
      backend:
      serviceName: kubernetes
      servicePort: 443 ,


      create a tls key with



      openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout dubi.key -out dubi.crt -subj "/CN=dubi" -days 365,


      and



      kubectl apply -f kubernetes.yaml.



      Unfortunately, that does not work, I still get the error mentioned above.
      Are there any errors in what I tried to do or is there a better and working way to do this?







      ubuntu tls kubernetes






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 6 hours ago







      Paul Rousseau

















      asked 7 hours ago









      Paul RousseauPaul Rousseau

      62




      62






















          0






          active

          oldest

          votes












          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1427497%2fhow-to-make-minikube-server-tls-curlable%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1427497%2fhow-to-make-minikube-server-tls-curlable%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...

          Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

          Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...