Describe the bug
Once, all three deployments for External Secrets Operator are successfully running in external-secrets namespace. The ClusterSecretStore is also successfully configured and the external secrets are also being successfully created and synced. But after sometime the Webhook deployment experiences some restarts and now, there's this error when trying to create more external secrets:
Error from server (InternalError): error when creating "test-preprod.yaml": Internal error occurred: failed calling webhook "validate.externalsecret.external-secrets.io": failed to call webhook: Post "https://external-secrets-operator-webhook.external-secrets.svc:443/validate-external-secrets-io-v1beta1-externalsecret?timeout=5s": x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "external-secrets")
The webhook pod give following error:
2023/11/17 08:06:25 http: TLS handshake error from xx.xxx.xx.x:xxxxx: remote error: tls: bad certificate
There's no certManager configured for ESO deployment, relying on ESO to create and manage with a certificate on its own. But it seems like that has some issues.
To Reproduce
Steps to reproduce the behavior:
- wait for sometime and once there're some restarts in webhook deployment, the error occurs when trying to create anymore external secrets