Hide Forgot
Description of problem: https://access.redhat.com/documentation/en/red-hat-openstack-platform/9/paged/director-installation-and-usage/appendix-a-ssl-tls-certificate-configuration Step A.5 attempts to use a 4096 bit CA cert, created in A.2, to sign a 2048 bit server key. This will fail, as they need to match in order to be successful. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Hi Ken, Thanks for reporting this. What kind of error are you experiencing? I only ask because I've been able to successfully create separate CA and servers certs using keys with different bit sizes, so if you're experiencing an error it might be due to something else. I tested this out and have successfully been able to sign the 2048 bit CSR with the 4096 bit CA. I'll attach a log to show what I mean. I've also been able to use certs and keys created with the same process successfully with test Underclouds and Overclouds. So I can change them to the same bit size, but I don't think it'll make much difference if you're experiencing an error. How did you want to proceed?
Dan I haven't had a chance to test again. I'll be able to do some more testing the week of 10/31 thanks