Hello,
I am trying to activate TLS for Consul on an on premise kubernetes cluster. I am following this guide, and TLS has been established correctly, however UI returns a bad certificate:
With port forwarding it works. So it has to do something with the DNS.
I am using F5 ingresses as a consul UI DNS.
I have seen many guides however I would like to know if there is something clear, since I am not sure I 'm down the right path.
Thanks,
Nikos
Hey @nikfot
You might need to add additional SANs to your server certificate. You can do it in the Helm chart via global.tls.serverAdditionalDNSSANs and global.tls.serverAdditionalIPSANs properties.
Thanks for the quick answer. I tried adding it like that:
serverAdditionalDNSSANs: ["'consul.test.example'"]
consul.test.example is the dns where the ingress is pointing. If this is the correct way to add it maybe I should try adding the IP.
@nikfot I think you might have a set of extra quotes there. I think it should be either:
serverAdditionalDNSSANs: ["consul.test.example"]
OR
serverAdditionalDNSSANs: ['consul.test.example']