2344352 – [RFE] SSL Certificate update taken affect in Ceph service update request

Bug 2344352 - [RFE] SSL Certificate update taken affect in Ceph service update request

Summary: [RFE] SSL Certificate update taken affect in Ceph service update request

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	Cephadm
Sub Component:
Version:	8.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	8.1
Assignee:	Redouane Kachach Elhichou
QA Contact:	Sayalee
Docs Contact:	Rivka Pollack
URL:
Whiteboard:
Depends On:
Blocks:	2351689
TreeView+	depends on / blocked

Reported:	2025-02-07 15:23 UTC by daniel parkes
Modified:	2025-06-26 12:25 UTC (History)
CC List:	9 users (show)
Fixed In Version:	ceph-19.2.1-33.el9cp
Doc Type:	Enhancement
Doc Text:	.New automatic application of updated SSL certificates during Ceph `rgw` service updates. Previously, when updating SSL certificates for Ceph Object Gateway in the service specification, the changes did not take effect until the daemons were manually restarted. This manual step hindered automation and could leave services temporarily running with outdated certificates. With this enhancement, SSL certificate updates in the Ceph Object Gateway specification automatically trigger the necessary daemon restarts as part of the service update process. As a result, the feature helps ensure that new certificates are applied immediately and improves automation and operational reliability.
Clone Of:
Environment:
Last Closed:	2025-06-26 12:25:09 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	ceph ceph pull 61694	None	Draft	mgr/cephadm: reconfig rgw and ingress daemons when certificate changes	2025-02-07 15:26:01 UTC
Red Hat Issue Tracker	RHCEPH-10575	None	None	None	2025-02-07 15:25:12 UTC
Red Hat Product Errata	RHSA-2025:9775	None	None	None	2025-06-26 12:25:18 UTC

Description daniel parkes 2025-02-07 15:23:24 UTC

Description of problem:

Ceph as a Service Team request.

When updating the SSL certificate for RGW and Ingress services, the certificate isn't updated until the daemons are restarted manually. If this could somehow be done automatically when the certificates are updated it will help automation



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 10 errata-xmlrpc 2025-06-26 12:25:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Ceph Storage 8.1 security, bug fix, and enhancement updates), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2025:9775

Note You need to log in before you can comment on or make changes to this bug.