Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-21742

New Fuse Console deployments don't work after yearly "openshift-service-serving-signer" certificate rotation.

    XMLWordPrintable

Details

    • Critical
    • Very Likely

    Description

      After the Fuse Console deployment is installed by the operator, its certificate has to be renewed each year, as it cannot access the pods, as described in this KB article [1]

      Initially, it was associated with a Openshift bug [2], it is also discused on this jira report [3], but the Openshift Engineering team denied it was something
      on the platform itself, and closed the ticket

      So, after reviewing this issue, we decided to have a look, from the Fuse Console side, as the certificate that is duplicated is generated by the Operator itself,
      and this is not responsability of the Openshift team.

      This note [4] should also be considered

      [1] https://access.redhat.com/solutions/5751001
      [2] https://bugzilla.redhat.com/show_bug.cgi?id=1920974
      [3] https://issues.redhat.com/browse/OCPBUGS-14666
      [4] https://access.redhat.com/solutions/6961450

      Attachments

        Issue Links

          account is impacted by

          Bug - A problem that impairs or prevents the functions of the product. ENTMQBR-8609 Incorporate the fix of ENTESB-21742 to AMQ Broker Image

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Bug - A problem that impairs or prevents the functions of the product. ENTESB-17779 Fuse console client auth fails when multiple cert authorities are present in jolokia caCert file

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          links to

          Web Link jolokia/jolokia#570 – CA certificate override on OpenShift

          Activity

            People

              ggrzybek Grzegorz Grzybek
              rhn-support-anarvaez Alfredo Narvaez
              Juri Solovjov Juri Solovjov
              Votes:
              2 Vote for this issue
              Watchers:
              13 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: