Bug 1568660
Summary: | openshift_logging : Run JKS generation script failed | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Rich Megginson <rmeggins> |
Component: | Installer | Assignee: | Rich Megginson <rmeggins> |
Status: | CLOSED ERRATA | QA Contact: | Johnny Liu <jialiu> |
Severity: | high | Docs Contact: | |
Priority: | urgent | ||
Version: | 3.10.0 | CC: | anli, aos-bugs, jokerman, mmccomas, rmeggins |
Target Milestone: | --- | ||
Target Release: | 3.10.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause: When creating the Elasticsearch server certificate, the external Elasticsearch hostnames are being unconditionally added to the subjectAltName.
Consequence: Install fails because only hostname components beginning with a letter are allowed in the subjectAltName, so hostnames like es.0xdeadbeef.com disallowed and cause an error.
Fix: Issue a warning if the Elasticsearch hostname contains a component which does not begin with a letter, and do not add it to the subjectAltName.
Result: Logging install completes successfully.
|
Story Points: | --- |
Clone Of: | 1567767 | Environment: | |
Last Closed: | 2018-07-30 19:13:21 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1567767, 1569350 | ||
Bug Blocks: |
Description
Rich Megginson
2018-04-18 02:51:53 UTC
merged upstream: https://github.com/openshift/openshift-ansible/commit/313dbb3d25c8573874e50f6ce92f64f1d7772cc2 The bug have been fixed in ose-ansible/images/v3.10.0-0.29.0.0. @rich can you move to ON_QA? Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1816 |