A little update.
I've tested also from a Mac: kubectl gives the same error as under Windows.
On the tectonic install server (Linnux) kubectl can connect to the cluster, when
I'm using the kubeconfig-file which is generated from the installer
(tectonic_1.8.4-tectonic.3/tectonic-installer/linux/clusters/lernlabor_2018-01-22_11-10-21/generated/auth/kubeconfig):
# ~/src/kubectl --kubeconfig=kubeconfig version
Client Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.4", GitCommit:"9befc2b8928a9426501d3bf62f72849d5cbcd5a3", GitTreeState:"clean", BuildDate:"2017-11-20T05:28:34Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"8+", GitVersion:"v1.8.4+coreos.0", GitCommit:"4292f9682595afddbb4f8b1483673449c74f9619", GitTreeState:"clean", BuildDate:"2017-11-21T17:22:25Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}
When I download the kubeconfig via the web-gui I get an error:
# ~/src/kubectl --kubeconfig=/root/Downloads/kube-config version
Client Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.4", GitCommit:"9befc2b8928a9426501d3bf62f72849d5cbcd5a3", GitTreeState:"clean", BuildDate:"2017-11-20T05:28:34Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}
Unable to connect to the server: failed to refresh token: oauth2: cannot fetch token: 401 Unauthorized
Response: {"error":"invalid_client","error_description":"Invalid client credentials."}
So, it's a slighly different error message.