Bug 1502838
Summary: | [3.9] Invalid entries in namedCertificates when using openshift_master_named_certificates | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Renato Puccini <rpuccini> | ||||||||
Component: | Installer | Assignee: | Russell Teague <rteague> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | Johnny Liu <jialiu> | ||||||||
Severity: | high | Docs Contact: | |||||||||
Priority: | unspecified | ||||||||||
Version: | 3.9.0 | CC: | aos-bugs, jokerman, mmccomas | ||||||||
Target Milestone: | --- | Keywords: | NeedsTestCase | ||||||||
Target Release: | 3.9.0 | ||||||||||
Hardware: | x86_64 | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: |
Cause: Alternative names in certificates were not being properly parsed.
Consequence: Alternatives with 'email:' were being added as additional hostnames.
Fix: Updated the logic to only add alternative names which begin with 'DNS:'
Result: Proper parsing and updating of namedCertificates
|
Story Points: | --- | ||||||||
Clone Of: | |||||||||||
: | 1538895 1538896 (view as bug list) | Environment: | |||||||||
Last Closed: | 2018-03-28 14:07:14 UTC | Type: | Bug | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
Renato Puccini
2017-10-16 20:12:35 UTC
Created attachment 1339438 [details]
/etc/ansible/hosts
Created attachment 1339449 [details]
pem file
Merged Verified this bug with openshift-ansible-3.9.0-0.31.0.git.0.e0a0ad8.el7.noarch, and PASS. # cat /etc/origin/master/master-config.yaml <--snip--> namedCertificates: - certFile: /etc/origin/master/named_certificates/cloudbeta.rio.gov.br.crt keyFile: /etc/origin/master/named_certificates/cloudbeta.rio.gov.br.key names: - cloudbeta.rio.gov.br <--snip--> Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0489 |