Getting bad certificate error after installing charmed kubernetes and the docker registry charm

I have deployed charmed kubernetes with the docker-registry charm, and I could build and push an image to the registry. However, if I want to pull that image in a kubernetes deployment, I get error:

Warning Failed 6s (x2 over 21s) kubelet, juju-59fee34-k8s-paul-8 Failed to pull image “registry_ip:registry_port/frontend:latest”: rpc error: code = Unknown desc = failed to pull and unpack image “registry_ip:registry_port/frontend:latest”: failed to resolve reference “registry_ip:registry_port/frontend:latest”: failed to do request: Head https://registry_ip:registry_port/v2/frontend/manifests/latest: remote error: tls: bad certificate

Aren’t easyrsa or vault supposed to manage certificates through the added relations ? What I have noticed is that a juju-docker-registry.pem has been installed on the clients, but that does obviously not solve the problem.

Could you please provide the output of juju status --relations?

docker-registry:docker-registry containerd:docker-registry docker-registry regular
docker-registry:peer docker-registry:peer peer-discovery peer
etcd:cluster etcd:cluster etcd peer
etcd:db flannel:etcd etcd regular
etcd:db kubernetes-master:etcd etcd regular
kubeapi-load-balancer:loadbalancer kubernetes-master:loadbalancer public-address regular
kubeapi-load-balancer:website kubernetes-worker:kube-api-endpoint http regular
kubernetes-master:cni flannel:cni kubernetes-cni subordinate
kubernetes-master:container-runtime containerd:containerd container-runtime subordinate
kubernetes-master:coordinator kubernetes-master:coordinator coordinator peer
kubernetes-master:kube-api-endpoint kubeapi-load-balancer:apiserver http regular
kubernetes-master:kube-control kubernetes-worker:kube-control kube-control regular
kubernetes-master:kube-masters kubernetes-master:kube-masters kube-masters peer
kubernetes-worker:cni flannel:cni kubernetes-cni subordinate
kubernetes-worker:container-runtime containerd:containerd container-runtime subordinate
kubernetes-worker:coordinator kubernetes-worker:coordinator coordinator peer
openstack-integrator:clients kubernetes-master:openstack openstack-integration regular
openstack-integrator:clients kubernetes-worker:openstack openstack-integration regular
percona-cluster:cluster percona-cluster:cluster percona-cluster peer
percona-cluster:shared-db vault:shared-db mysql-shared regular
vault:certificates docker-registry:cert-provider tls-certificates regular
vault:certificates etcd:certificates tls-certificates regular
vault:certificates kubeapi-load-balancer:certificates tls-certificates regular
vault:certificates kubernetes-master:certificates tls-certificates regular
vault:certificates kubernetes-worker:certificates tls-certificates regular
vault:cluster vault:cluster vault-ha peer