Details
-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
-
None
Description
In a deployment where both "caCert" and "generateCaCert" are provided, if an Issuer already exists for the provided "caCert" name, then operator is unable to "update" the existing issuer.
That is a bad usage, as caCert provided already exists and the "generateCaCert" was set to true.
But we should have a mechanism to handle it. For example something that verifies if a given Issuer already exists (when generateCaCert is set to true) and then skip CA cert generation (instead of attempting to update it) saying that Issuer already exists, then use it.
