java client is not taking the updated ca.crt/token and error out

Question

java client is not taking the updated ca.crt/token and error out

Opened this issue a month ago · 3 comments

Describe the bug
updated ca.crt/token are not considered by the java k8s client and errors out
java.util.concurrent.ExecutionException: io.kubernetes.client.openapi.ApiException: javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

Client Version
17.0.2

Kubernetes Version
1.21.12

Java Version
openjdk 17.0.12 2024-07-16 LTS

To Reproduce
update the k8s ca.crt and token with the new certificates.

Expected behavior
Java client should consider the latest ca.crt and token and K8S API access should succeed

Server (please complete the following information):

OS: Linux
Environment : Container
Cloud : Vanilla K8S

Answer 1 · 2024-11-30T07:33:31.000Z

Any Help here?

Answer 2 · 2024-12-02T16:52:13.000Z

Yeah, the current auth code doesn't reload certificates if the files change. It would be a fairly significant effort to do so, but if you wanted to take it on, we'd be happy to review the design/PRs.

Answer 3 · 2024-12-03T04:02:03.000Z

Thanks @brendandburns , Will check if i can submit the PR for the same.