Arc-enabled Kubernetes Pod kube-aad-proxy failing to start

DK 20 Reputation points
2024-09-02T12:19:16.9366667+00:00

I'm seeing the Arc Agent kube-aad-proxy Pod failing with "x509: certificate signed by unknown authority".

It's using container version: mcr.microsoft.com/azurearck8s/kube-aad-proxy:1.18.3

From the Kubernetes Node itself I have no problem curling the endpoint: curl -v https://sts.windows.net/<myTenantId>/.well-known/openid-configuration

Full log:

time="2024-09-02T12:05:29Z" level=fatal msg="Failed to create authenticator. Error:Get \"https://sts.windows.net/<myTenantId>/.well-known/openid-configuration\": tls: failed to verify certificate: x509: certificate signed by unknown authority
failed to create provider for azure
github.com/azure-core/ClusterConfigurationAgent/kube-aad-proxy/pkg/auth.NewAADAuthenticator
\t/usr/local/ClusterConfigurationAgent/kube-aad-proxy/pkg/auth/aadAuthenticator.go:89
github.com/azure-core/ClusterConfigurationAgent/kube-aad-proxy/pkg/server.(*Server).ListenAndServe
\t/usr/local/ClusterConfigurationAgent/kube-aad-proxy/pkg/server/server.go:137
github.com/azure-core/ClusterConfigurationAgent/kube-aad-proxy/cmd.NewRunCmd.func1
\t/usr/local/ClusterConfigurationAgent/kube-aad-proxy/cmd/run.go:33
github.com/spf13/cobra.(*Command).execute
\t/go/pkg/mod/github.com/spf13/cobra@v1.8.0/command.go:987
github.com/spf13/cobra.(*Command).ExecuteC
\t/go/pkg/mod/github.com/spf13/cobra@v1.8.0/command.go:1115
github.com/spf13/cobra.(*Command).Execute
\t/go/pkg/mod/github.com/spf13/cobra@v1.8.0/command.go:1039
main.main\n\t/usr/local/ClusterConfigurationAgent/kube-aad-proxy/main.go:32
runtime.main
\t/usr/local/go/src/runtime/proc.go:271\nruntime.goexit
\t/usr/local/go/src/runtime/asm_amd64.s:1695"
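
Added example (not part of the original post, and not kube-aad-proxy code): a Go client verifies a server chain against the root pool of its own process, so the same endpoint can verify from the node while failing in a container whose CA bundle lacks the issuing CA. The code reproduces that error with a constructed CA and server certificate and reports the issuer the failing pool is missing. Assumptions: the names `issue` and `CheckTrust`, the host `sts.example.test`, the CA name, and the premise that the two trust stores differ are illustrative; the post does not establish the cause.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed cert: a self-signed CA if parent is nil, else a server cert for cn.
func issue(cn string, parent *x509.Certificate, signer ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature, DNSNames: []string{cn},
	}
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage, tmpl.DNSNames = true, x509.KeyUsageCertSign, nil
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	cert, perr := x509.ParseCertificate(der)
	if err != nil || perr != nil {
		panic(errors.Join(err, perr))
	}
	return cert, key
}

// CheckTrust verifies leaf for host against one root pool; Go TLS clients use the pool of their own process.
func CheckTrust(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host}); err != nil {
		return fmt.Errorf("%w (issuer %q)", err, leaf.Issuer.CommonName)
	}
	return nil
}

func main() {
	ca, caKey := issue("Constructed Inspection CA", nil, nil)
	leaf, _ := issue("sts.example.test", ca, caKey)
	nodeRoots, podRoots := x509.NewCertPool(), x509.NewCertPool()
	nodeRoots.AddCert(ca) // assumption: the CA is in the node's store only
	fmt.Println("node store:", CheckTrust(leaf, nodeRoots, "sts.example.test"))
	fmt.Println("pod store: ", CheckTrust(leaf, podRoots, "sts.example.test"))
}
```

The issuer name in the failing result identifies which CA certificate the container's trust bundle would need in order to verify the chain.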