Bug 1812413
Summary: | configuring openid provider, optional argument "ca" is always set in the master-config.yaml | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | German Parente <gparente> |
Component: | Installer | Assignee: | Russell Teague <rteague> |
Installer sub component: | openshift-ansible | QA Contact: | Johnny Liu <jialiu> |
Status: | CLOSED WONTFIX | Docs Contact: | |
Severity: | medium | ||
Priority: | medium | CC: | algonzal, bleanhar, openshift-bugs-escalate, rsunog, rteague |
Version: | unspecified | Keywords: | UpcomingSprint |
Target Milestone: | --- | ||
Target Release: | 3.11.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-05-26 13:21:18 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
German Parente
2020-03-11 09:41:48 UTC
As I read the code and our documentation it seems clear to me that the 'ca' field is intended to always be set. Can someone help us understand why the customer does not want to use this file? My assumption is that their identity provider's certificate was issued by an already trusted, public CA. Can you confirm? If that is the case I wouldn't suggest patching openshift-ansible on 3.11 at this point but instead simply placing the already trusted CA in the location the installer wants it. I'll talk with our maintainers and make sure I'm not over simplifying the situation. *** Bug 1733103 has been marked as a duplicate of this bug. *** |