SSLPeerUnverifiedException Hostname fd33:1a73:fa8f::1 not verified after upgrade to Boot 3.4.0 and Cloud 2024.0.0 #1813
Description
Describe the bug
After the upgrade from Spring Boot 3.3.6 to 3.4.0 and Spring Cloud 2023.0.4 to 2024.0.0 we're experiencing issues regarding hostname verification which read like
javax.net.ssl.SSLPeerUnverifiedException: Hostname fd33:1a73:fa8f::1 not verified: certificate: sha256/bLcj0Q+HP/EF+4njk0xrQvqb/KtOHnZa2xf+rl9ldkc= DN: CN=kube-apiserver subjectAltNames: [fd33:1a73:fa8f:0:0:0:0:1, 2a05:d014:396:cd05:0:0:0:e781, 172.16.98.175, 55c2d4e83b3377534d8c22d619c3cb94.gr7.eu-central-1.eks.amazonaws.com, ip-172-16-98-175.eu-central-1.compute.internal, kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local] at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:334) at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:284) at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:169) [...] at java.lang.Thread.run(Thread.java:1570) Wrapped by: java.io.IOException: Hostname fd33:1a73:fa8f::1 not verified: certificate: sha256/bLcj0Q+HP/EF+4njk0xrQvqb/KtOHnZa2xf+rl9ldkc= DN: CN=kube-apiserver subjectAltNames: [fd33:1a73:fa8f:0:0:0:0:1, 2a05:d014:396:cd05:0:0:0:e781, 172.16.98.175, 55c2d4e83b3377534d8c22d619c3cb94.gr7.eu-central-1.eks.amazonaws.com, ip-172-16-98-175.eu-central-1.compute.internal, kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local] at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.waitForResult(OperationSupport.java:504) at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.handleResponse(OperationSupport.java:524) at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.handleGet(OperationSupport.java:467) at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.handleGet(BaseOperation.java:792) at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.requireFromServer(BaseOperation.java:193) ... 20 common frames omitted Wrapped by: io.fabric8.kubernetes.client.KubernetesClientException: Operation: [get] for kind: [Pod] with name: [offer-attribute-assignor-6778d89688-pdm8h] in namespace: [offer-attribute-assignor] failed. at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:159) at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.requireFromServer(BaseOperation.java:195) at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.get(BaseOperation.java:149) at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.isReady(BaseOperation.java:919) ... 5 frames excluded ... 13 common frames omitted Wrapped by: org.springframework.context.ApplicationContextException: Failed to start bean 'leaderInitiator' at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:326) at org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:510) at java.lang.Iterable.forEach(Iterable.java:75) ... 10 frames excluded at de.idealo.orca.attribute.ApplicationKt.main(Application.kt:24) There are various bug reports similar to this one available but they all date years back and are already closed.
I suspect the crucial change anywhere within io.fabric8:kubernetes-client between versions 6.9.2 (Cloud 2023.0.4) and 6.13.4 (Cloud 2024.0.0).
From my understanding the address fd33:1a73:fa8f::1 should be fine regarding verification.
Did we miss something?