helm: x509: certificate signed by unknown authority

As a workaround you can try to disable certificate verification. Helm uses the kube config file (by default ~/.kube/config). You can add insecure-skip-tls-verify: true for the cluster section:

clusters:- cluster:    server: https://cluster.mysite.com    insecure-skip-tls-verify: true  name: default

Did you already try to reinstall helm/tiller?

kubectl delete deployment tiller-deploy --namespace kube-systemhelm init

Also check if you have configured an invalid certificate in the cluster configuration.

In my case the error was caused by an untrusted certificate from the Helm repository.Downloading the certificate and specifying it using the --ca-file option solved the issue (at least in Helm version 3).

helm repo add --ca-file /path/to/certificate.crt repoName https://example/repository

--ca-file string, verify certificates of HTTPS-enabled servers using this CA bundle

In my case, I was running for a single self-manage and the config file was also container ca-file, so the following the above answer was throwing below error

Error: Kubernetes cluster unreachable: Get "https://XX.XX.85.154:6443/version?timeout=32s": x509: certificate is valid for 10.96.0.1, 172.31.25.161, not XX.XX.85.154

And my config was

- cluster:    certificate-authority-data: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX    server: https://54.176.85.154:6443    insecure-skip-tls-verify: true

So I had to remove the certificate-authority-data.

- cluster:    server: https://54.176.85.154:6443    insecure-skip-tls-verify: true