I had a vauge failure message when trying to login to #tailscale with my OIDC provider via #authentik
After a some yak shaving fixing my kubeconfig to get into my cluster, fix the broken webfinger implementation to work correctly again, and it turns out that the signing certificate used for the provider in Authentik had expired and needed replacing with a new RSA based cert.
Why is nothing ever a simple fix in #selfhosting land...
Andrew Williams /
npub18d…8fjh6
2024-08-15 14:47:59
Author Public Key
npub18d5hr0p92m3hnm2kdujnquplredz0yhjwh4735up9fqwqt5xd79st8fjh6Published at
2024-08-15 14:47:59Event JSON
{
"id": "6c1b05fd8a8cf6f296e6eeaf66c071229e820c225e82ed1f177566031eeb3165",
"pubkey": "3b6971bc2556e379ed566f2530703f1e5a2792f275ebe8d3812a40e02e866f8b",
"created_at": 1723733279,
"kind": 1,
"tags": [
[
"t",
"tailscale"
],
[
"t",
"authentik"
],
[
"proxy",
"https://mastodon.incognitus.net/@nikdoof/112966584227207160",
"web"
],
[
"t",
"selfhosting"
],
[
"proxy",
"https://mastodon.incognitus.net/users/nikdoof/statuses/112966584227207160",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.incognitus.net/users/nikdoof/statuses/112966584227207160",
"pink.momostr"
],
[
"-"
]
],
"content": "I had a vauge failure message when trying to login to #tailscale with my OIDC provider via #authentik \n\nAfter a some yak shaving fixing my kubeconfig to get into my cluster, fix the broken webfinger implementation to work correctly again, and it turns out that the signing certificate used for the provider in Authentik had expired and needed replacing with a new RSA based cert.\n\nWhy is nothing ever a simple fix in #selfhosting land...",
"sig": "938e8bed4cec6b7d567ffa924fab3f0102b58d707fe55357e26d8a580eaf9417a470295fc057b1815cecaca37a8f1b18b6045f44e591151267530aa74a26b4ae"
}