Bug 1543308 - Prometheus oauth-proxy refuse connection if a custom CA is used on LoadBalancer
Summary: Prometheus oauth-proxy refuse connection if a custom CA is used on LoadBalancer
Keywords:
Status: CLOSED DUPLICATE of bug 1535585
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Hawkular
Version: 3.7.0
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
: 3.9.0
Assignee: Paul Gier
QA Contact: Junqi Zhao
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-02-08 08:37 UTC by Franck Grosjean
Modified: 2021-03-11 17:09 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-22 21:57:12 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1535585 0 medium CLOSED Prometheus playbook needs to utilize -openshift-ca flag 2022-03-13 14:38:30 UTC

Internal Links: 1535585

Description Franck Grosjean 2018-02-08 08:37:25 UTC 
Description of problem:
Prometheus oauth-proxy refuses authentication with a custom CA

Version-Release number of selected component (if applicable):


How reproducible:
Configure Openshift with upstream load balancer and custom CA and cert
Deploy prometheus according to the documentation


Steps to Reproduce:
1. Install Openshift with load balancer for UI and API (Public URL)
2. Install custom CA on load balancer
3. Deploy prometheus with ansible according to documentation
4. Connect to prometheus using exposed route

Actual results:
Authentication failed

Expected results:
Authentiation should work 

Additional info:
Prometheus oauth proxy rejects connection if PublicURL use a different CA
Comment 2 Paul Gier 2018-02-22 21:57:12 UTC 
I believe this is the same issue as 1535585

*** This bug has been marked as a duplicate of bug 1535585 ***
Note You need to log in before you can comment on or make changes to this bug.