Unable to authenticate user in Kubernetes using x509 certs
Make sure the CA used to sign the CSRs (the --cluster-signing-cert-file
file given to kube-controller-manager) is in the --client-ca-file
bundle given to kube-apiserver (which is what authenticates client certs presented to the apiserver)
Also ensure the certificate requested is a client certificate (has client auth
in the usages
field)