"private key does not match public key" errors causing pod failures when installing an instance of VMware Cloud Director Extension for VMware Tanzu Mission Control
Article ID: 325505
Updated On:
Products
VMware Cloud Director
Issue/Introduction
Symptoms:
- Installing VMware Cloud Director Extension for VMware Tanzu Mission Control through Cloud Director Solution Add-On Management.
- Pods in the tmc-local namespace on the target Kubernetes cluster have a CrashLoopBackOff status and show log entries similar to the following:
agent-gateway-server pods:
{"level":"fatal","msg":"Failed to initialize server with err : tls: private key does not match public key","time":"<TIME_STAMP>"}
api-gateway-server pods:
{"level":"fatal","msg":"Failed to initialize server with err : tls: private key does not match public key","time":"<TIME_STAMP>"}
auth-manager-server pods:
<TIME_STAMP> tls: private key does not match public key
cluster-agent-service-server pods:
{"level":"info","msg":"failed to load stack TLS config, tls: private key does not match public key","time":"<TIME_STAMP>"}
cluster-service-server pods:
<TIME_STAMP> create tls config error: tls: private key does not match public key
landing-service-server pods:
{"error":"could not load TLS certificate and key: tls: private key does not match public key","level":"error","msg":"failed to init service framework","time":"<TIME_STAMP>"}
tenancy-service-server pods:
{"error":"could not load TLS certificate and key: tls: private key does not match public key","level":"error","msg":"server failed to init service framework","time":"<TIME_STAMP>"}
{"level":"fatal","msg":"Failed to initialize server with err : tls: private key does not match public key","time":"<TIME_STAMP>"}
api-gateway-server pods:
{"level":"fatal","msg":"Failed to initialize server with err : tls: private key does not match public key","time":"<TIME_STAMP>"}
auth-manager-server pods:
<TIME_STAMP> tls: private key does not match public key
cluster-agent-service-server pods:
{"level":"info","msg":"failed to load stack TLS config, tls: private key does not match public key","time":"<TIME_STAMP>"}
cluster-service-server pods:
<TIME_STAMP> create tls config error: tls: private key does not match public key
landing-service-server pods:
{"error":"could not load TLS certificate and key: tls: private key does not match public key","level":"error","msg":"failed to init service framework","time":"<TIME_STAMP>"}
tenancy-service-server pods:
{"error":"could not load TLS certificate and key: tls: private key does not match public key","level":"error","msg":"server failed to init service framework","time":"<TIME_STAMP>"}
Environment
VMware Cloud Director 10.x
Cause
This issue can occur if the Certificate Provider parameter during deployment is set to import and the TLS Certificate and TLS Private Key provided are not a valid matching pair.
Resolution
Ensure that the TLS Certificate and TLS Private Key provided are a valid matching pair.
For more details see the VMware Cloud Director Extension for VMware Tanzu Mission Control documentation on the TLS Certificate and TLS Private Key parameters, Installation Parameters.
For more details see the VMware Cloud Director Extension for VMware Tanzu Mission Control documentation on the TLS Certificate and TLS Private Key parameters, Installation Parameters.
Feedback
Yes
No
Powered by
