"Error: unable to get issuer certificate" when certificate-authority-data contains a self signed certificate #327
Description
I am using Aliyun's serverless kubernetes service, and it provides an YAML to connect to the cluster and perform administration. The config file works with kubectl CLI. However, if I use it with this library, the "Error: unable to get issuer certificate" message appears. I was able to circumvent the issue by adding insecure-skip-tls-verify: true but clearly that is not good. This issue occurs on both Windows 10 and Ubuntu 16.04 as I have tested.
A redacted version of Aliyun's YAML:
apiVersion: v1
clusters:
- cluster:
server: https://ca3651013ffffffffffffffffffffffff.serverless-1.kubernetes.cn-shanghai.aliyuncs.com:6443
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvekNDQW1pZ0F3SUJBZ0lEQmthcE1BMEdDU3FHU0liM0RRRUJDd1VBTUdJeEN6QUpCZ05WQkFZVEFrTk8KTVJFd0R3WURWUVFJREFoYWFHVkthV0Z1WnpFUk1BOEdBMVVFQnd3SVNHRnVaMXBvYjNVeEVEQU9CZ05WQkFvTQpCMEZzYVdKaFltRXhEREFLQmdOVkJBc01BMEZEVXpFTk1Bc0dBMVVFQXd3RWNtOXZkREFlRncweE9EQTBNalF4Ck5URTBNREJhRncwek9EQTBNVGt4TlRFNU5EUmFNR294S2pBb0JnTlZCQW9USVdNMU4yRXdPR1E0WkdFeU1UZzAKT1RNd1lUaGpZVGxpWWpVMk5EWmhNV1UyWWpFUU1BNEdBMVVFQ3hNSFpHVm1ZWFZzZERFcU1DZ0dBMVVFQXhNaApZelUzWVRBNFpEaGtZVEl4T0RRNU16QmhPR05oT1dKaU5UWTBObUV4WlRaaU1JR2ZNQTBHQ1NxR1NJYjNEUUVCCkFRVUFBNEdOQURDQmlRS0JnUUM5SE9oV1lRYXlDVEYyTG1EVXlJZ2RzWlFyUFljblRyVURmakwrcjU5MExUbkwKNkxZVFVyTlc4VE1NUzhsWHRDZjZRQlMxczRzNWJoajRYRFJLSEtYRC8rcjQwN1JobEFEY3puSUJVc0Nra0hnZgo0VDJZTkNrSUxBUFRaNG5aVGFYUk1VS3ZsOFBDTHl6aklWczJ6N21nZFJ6bnowY0pJbVo0bTVNQW5YeC80UUlECkFRQUJvNEc2TUlHM01BNEdBMVVkRHdFQi93UUVBd0lDckRBUEJnTlZIUk1CQWY4RUJUQURBUUgvTUI4R0ExVWQKSXdRWU1CYUFGSVZhLzkwanpTVnZXRUZ2bm0xRk9adFlmWFgvTUR3R0NDc0dBUVVGQndFQkJEQXdMakFzQmdncgpCZ0VGQlFjd0FZWWdhSFIwY0RvdkwyTmxjblJ6TG1GamN5NWhiR2w1ZFc0dVkyOXRMMjlqYzNBd05RWURWUjBmCkJDNHdMREFxb0NpZ0pvWWthSFIwY0RvdkwyTmxjblJ6TG1GamN5NWhiR2w1ZFc0dVkyOXRMM0p2YjNRdVkzSnMKTUEwR0NTcUdTSWIzRFFFQkN3VUFBNEdCQUI2RU03RFBDQVNTOXFDcGd3VU5CcGR2cFVDcjN2azF1SXl0Zmc5RQp0OGwvdWZJRkRjTzhTYno1ZHllSTlMTVZnNHdpc2dtV3FUakxHVGJuUVMyNHVoT1lFQ05vWXVFa1lQQjRSRkpFCjFFeTFRKy8ycWxzY0dWOFVJQlUzV1BYRFlHYU9IdlZpYnkrNzhXY2Z2U1g5Y01OR0tZMGxCSjUySFFIT1BKRE8Kc0tjMwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: "aliyun5007422899999999"
name: viking-ca3651013ffffffffffffffffffffffff
current-context: viking-ca3651013ffffffffffffffffffffffff
kind: Config
preferences: {}
users:
- name: "aliyun5007422899999999"
user:
client-certificate-data: LS0xxxxxxxx
client-key-data: LS0xxxxxxxxxxWhere the certificate-authority-data contains the self-signed certificated generated by Aliyun.