The problem described in the Stack Overflow post revolves around a misconfigured SSL certificate in a Kubernetes environment. Specifically, after adding an SSL certificate to the Kubernetes Ingress, the user observes that the certificate presented is the “Kubernetes Ingress Controller Fake Certificate” instead of the expected SSL certificate. This issue occurs when accessing services via HTTPS, leading to SSL/TLS warnings and the inability to establish a secure connection.
Causes:
Default Certificate: The Ingress controller serves a default self-signed certificate (“Kubernetes Ingress Controller Fake Certificate”) when it cannot find a valid SSL certificate for the requested hostname.
Configuration Errors: Misconfigurations in the Ingress resource, such as incorrect hostname matching or missing TLS settings, can lead to the default certificate being served.
Certificate Secret Issues: Issues with the Kubernetes Secret containing the SSL certificate, such as missing or improperly formatted certificates, can also cause this problem.
https://www.shodan.io/search?query=ssl.cert.subject.cn%3A%22kubernetes%22+country%3A%22US%22
https://www.shodan.io/search/report?query=ssl.cert.subject.cn%3A%22kubernetes%22+country%3A%22US%22
Leave a Reply