While trying to connect GitLab to my AWS Kubernetes instance, I’ve copied and pasted the CA Certificate as is into the text box. However, when clicking “Add Kubernetes cluster” it errors out when checking the CA with: must be a valid PEM certificate
I’ve tried cutting pasting through notepad++, notepad, via CLI, etc. and even adding the -----BEGIN CERTIFICATE----- (and END)
No joy.
Any ideas?
I’m having the same issue. Did you have any luck solving that?
Update: I solved my issue. The “ca.crt” is encoded in base64 twice. You need to decode it once, and then it will have the regular header and footer. More details at Kubernetes Integration "Something went wrong while installing Helm Tiller"
Simple!
$ echo CERTIFICATE_AUTHORITY | base64 -d > ca_cert.pem
$ cat ca_cert.pem
-----BEGIN CERTIFICATE-----
MIICyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl
cm5ldGVzMB4XDTE4MDYxMzIxNTYyNVoXDTI4MDYxMDIxNTYyNVowFTETMBEGA1UE
AxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOop
<…>
1L+DGVYcnpeDur7M7zQLfU0LRrF1yDqCdLndHto1pm0ehF9Yx6dfaVh5IB0=
-----END CERTIFICATE-----
I had to do this for microk8s to get the CA cert string.
cat /var/snap/microk8s/current/credentials/client.config
then using node:
var cacert = "YOURCACERTLONGSTRINGHERE==";
console.log(new Buffer(cacert, "base64").toString());
Output:
-----BEGIN CERTIFICATE-----
YOURDECODEDCERTSTRINGHERE===
-----END CERTIFICATE-----