Author: Kellen F.
Date: 12/29/23
Audience: Everyone
Environment: Self-hosted, Replicated - KOTS version 9.6.x, TLS cert
Summary
When trying to upload the TLS cert to the KOTS admin panel, the user will see the error “Failed to render templates” message and can not save the configuration.
Solution
- We must remove any binary certificate data from the configuration.
- Create a blank file titled
emptyfile.txt
with no data in it. - Zero out the
trusted_certificate_file
with the following command:
/usr/local/bin/kubectl-kots set config jama-k8s -n default --key trusted_certificate_file --value-from-file emptyfile.txt
4. If there is also offending data in the nginx_ssl_certificate_file
, we must do the same to that file:
/usr/local/bin/kubectl-kots set config jama-k8s -n default --key trusted_certificate_file --value-from-file emptyfile.txt
Cause
The nginx_ssl_certificate_file
or the trusted_certificate_file
config value is set with binary data rather than being PEM-encoded. When this data is then templated into the trusted_certificate_data
, it results in an invalid.YAML.
Prevention
Confirm that any certificates uploaded are PEM encoded and not binary.
Related to
Comments
0 comments
Please sign in to leave a comment.