Rancher 2.0 certificate signed by unknown authority

shaocongcong · August 9, 2018, 9:16am

my rancher API & Keys Conf:

my .drone.yml:

pipeline:
  rancher:
    image: peloton/drone-rancher
    url: https://10.100.7.44/v3
    access_key: token-kznlp
    secret_key: fzwkpkkb5w7wzflj6bxtttsfn9mnsf4lpdf89q98lkp78m8kw5th62
    service: imscc/blink
    docker_image: blink

Drone report this error when I submit the code:

time=“2018-08-09T08:51:48Z” level=info msg=“Drone Rancher Plugin built” 0s 2 time=“2018-08-09T08:51:48Z” level=fatal msg=“Failed to create rancher client: Get https://10.100.7.44/v3: x509: certificate signed by unknown authority”

shaocongcong · August 9, 2018, 2:29pm

I’m desperate!!!

bradrydzewski · August 9, 2018, 2:31pm

I see you are using https with an IP address (https://10.100.7.44/v3) which is probably why you are getting this error message.

shaocongcong · August 10, 2018, 1:34am

Thank you for your reply. You mean to access rancher with domain name?

bradrydzewski · August 10, 2018, 2:51am

I mean use http (not https) if you are using an IP address. You cannot use https with an IP address unless you create self-signed certificates and mount those into the container (not recommended). If you need to use https, use a domain name and make sure rancher is using valid ssl certificates from a valid certificate authority (rancher support should be able to help you with this).

pipeline:
  rancher:
    image: peloton/drone-rancher
-   url: https://10.100.7.44/v3
+   url: http://10.100.7.44/v3
    access_key: token-kznlp
    secret_key: fzwkpkkb5w7wzflj6bxtttsfn9mnsf4lpdf89q98lkp78m8kw5th62
    service: imscc/blink
    docker_image: blink

shaocongcong · August 10, 2018, 2:59am

OK, Thank you for your reply.