diff options
author | Noriko Hosoi <nhosoi@redhat.com> | 2018-01-17 17:41:48 -0800 |
---|---|---|
committer | Noriko Hosoi <nhosoi@redhat.com> | 2018-01-19 12:02:40 -0800 |
commit | ac23e6e362d8758032c1dd573d0ff6a958445df5 (patch) | |
tree | 32bc6d45a4800d8ca316972b064f5e81d513c3e1 | |
parent | e5a319cf8c7cc6d36ddb9fdc9e69e9dd1b8eb3f5 (diff) | |
download | openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.tar.gz openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.tar.bz2 openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.tar.xz openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.zip |
Bug 1512825 - add mux pod failed for Serial number 02 has already been issued
According to mkhan@redhat.com, to run the "oc adm ca create-server-cert" command
line with --signer-serial option, the following changes need to be made.
1. adding --overwrite=false
2. <ca.serial.txt> should contain only [0-9A-F]*.
(no trailing newlines are allowed for now)
This patch solves 1.
-rw-r--r-- | roles/openshift_logging/tasks/generate_certs.yaml | 2 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/procure_server_certs.yaml | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/openshift_logging/tasks/generate_certs.yaml b/roles/openshift_logging/tasks/generate_certs.yaml index 0d7f8c056..a40449bf6 100644 --- a/roles/openshift_logging/tasks/generate_certs.yaml +++ b/roles/openshift_logging/tasks/generate_certs.yaml @@ -19,7 +19,7 @@ command: > {{ openshift_client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-signer-cert --key={{generated_certs_dir}}/ca.key --cert={{generated_certs_dir}}/ca.crt - --serial={{generated_certs_dir}}/ca.serial.txt --name=logging-signer-test + --serial={{generated_certs_dir}}/ca.serial.txt --name=logging-signer-test --overwrite=false check_mode: no when: - not ca_key_file.stat.exists diff --git a/roles/openshift_logging/tasks/procure_server_certs.yaml b/roles/openshift_logging/tasks/procure_server_certs.yaml index bc817075d..d28d1d160 100644 --- a/roles/openshift_logging/tasks/procure_server_certs.yaml +++ b/roles/openshift_logging/tasks/procure_server_certs.yaml @@ -30,7 +30,7 @@ {{ openshift_client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-server-cert --key={{generated_certs_dir}}/{{cert_info.procure_component}}.key --cert={{generated_certs_dir}}/{{cert_info.procure_component}}.crt --hostnames={{cert_info.hostnames|quote}} --signer-cert={{generated_certs_dir}}/ca.crt --signer-key={{generated_certs_dir}}/ca.key - --signer-serial={{generated_certs_dir}}/ca.serial.txt + --signer-serial={{generated_certs_dir}}/ca.serial.txt --overwrite=false check_mode: no when: - cert_info.hostnames is defined |