Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-9181

Trust secret doesn't support bundle with additional format certificates

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Undefined Undefined
    • AMQ 7.12.1.OPR.1.GA
    • AMQ 7.12.0.OPR.1.GA
    • operator

      *Describe the bug*
      When the trust secret has additional format certificates, the broker pods are restarted frequently, i.e.

      ```
      apiVersion: trust.cert-manager.io/v1alpha1
      kind: Bundle
      metadata:
      name: my-bundle
      spec:
      sources:

      • secret:
        name: "my-foo-cert-secret"
        key: "tls.crt"
      • secret:
        name: "my-bar-cert-secret"
        key: "tls.crt"
        target:
        secret:
        key: "root-certs.pem"
        additionalFormats:
        jks:
        key: "bundle.jks"
        pkcs12:
        key: "bundle.p12"
        ```

      ```
      apiVersion: broker.amq.io/v1beta1
      kind: ActiveMQArtemis
      metadata:
      name: broker
      spec:
      acceptors:

      • name: tls-acceptor
        port: 61617
        sslEnabled: true
        needClientAuth: true
        sslSecret: my-broker-cert-secret
        trustSecret: my-bundle
        ```

      > [!TIP]
      > Vote this issue reacting with :+1: or :-1:

            dbruscin Domenico Francesco Bruscino
            rh-messaging-ci Messaging CI
            Tiago Bueno Tiago Bueno
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: