Bug 1415280 - [3.3] Extended Route Validation Breaks Included Templates
Summary: [3.3] Extended Route Validation Breaks Included Templates
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.3.1
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
: 3.3.1
Assignee: Ram Ranganathan
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On: 1389165
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-20 18:16 UTC by Scott Dodson
Modified: 2022-08-04 22:20 UTC (History)
14 users (show)

Fixed In Version: atomic-openshift-3.3.1.11-1.git.0.cba037c.el7
Doc Type: If docs needed, set a value
Doc Text:
Cause: The extended certificate validation code (now enabled by default) would not allow some certificates that should be considered valid. Consequence: Self-signed, expired, or not yet current certificates that were otherwise well-formed would be rejected. Fix: The extended validation was changed to allow those cases. Result: Those types of certificates are now allowed.
Clone Of: 1389165
Environment:
Last Closed: 2017-01-26 20:43:50 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Origin (Github) 11716 0 None None None 2017-01-20 18:16:35 UTC
Red Hat Product Errata RHBA-2017:0199 0 normal SHIPPED_LIVE OpenShift Container Platform 3.3.1.11 and 3.2.1.23 bug fix update 2017-01-27 01:41:56 UTC

Comment 2 zhaozhanqi 2017-01-22 05:47:04 UTC 
verified this bug on 
# openshift version
openshift v3.3.1.9
kubernetes v1.3.0+52492b4
etcd 2.3.0+git

openshift3/ose-haproxy-router    v3.3.1.9            481a6b04baf9


steps:

1. Create a new Test Project (oc new-project jenkins)
2. Enable extended route validation on the router (oc env -n default dc/router EXTENDED_VALIDATION=true)
3. Deploy the jenkins-ephemeral image (oc new-app --template=jenkins-ephemeral
4. oc get route

# oc get route
NAME      HOST/PORT                            PATH      SERVICES   PORT      TERMINATION
jenkins   jenkins-z1.0122-2tw.qe.rhcloud.com             jenkins    <all>     edge/Redirect
Comment 4 errata-xmlrpc 2017-01-26 20:43:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:0199
Note You need to log in before you can comment on or make changes to this bug.