Backport fixes for bugz https://bugzilla.redhat.com/show_bug.cgi?id=1389165 to 3.2
QE did the testing with ose-haproxy-router:v3.2.1.22 this bug should be fixed and also did some regression testing for haproxy, no issue found.
sorry, typo the version should be 'openshift3/ose-haproxy-router:v3.2.1.23'
If you look at https://access.redhat.com/containers/#/tags/57ea8d0a9c624c035f96f452 this image has not been pushed to the container registry via an errata.
Tested on OCP 3.2.1.23 with router image b887c3dfe886 The edge route with expired cert can be created successfully. # oc get route NAME HOST/PORT PATH SERVICE TERMINATION LABELS jenkins jenkins-bmengp1.0124-1xt.qe.rhcloud.com jenkins edge/Redirect template=jenkins-ephemeral-template # openssl x509 -in cert.crt -text Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, ST=SC, L=Default City, O=Default Company Ltd, OU=Test CA, CN=www.exampleca.com/emailAddress=example Validity Not Before: Jan 12 14:19:41 2015 GMT Not After : Jan 12 14:19:41 2016 GMT Subject: CN=www.example.com, ST=SC, C=US/emailAddress=example, O=Example, OU=Example
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:0199