Uploaded image for project: 'OpenShift Hosted Control Plane'
  1. OpenShift Hosted Control Plane
  2. HOSTEDCP-1861

Break up the default Kubernetes API serving certificate into multiple certificates

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • None
    • Strategic Product Work
    • False
    • None
    • False
    • OCPSTRAT-460 - Optimized HyperShift Operator Deployment on AKS and Adaptive Environment Detection
    • Hypershift Sprint 258
    • 0
    • 0
    • 0

      User Story:

      As an end user of a hypershift cluster, I want to be able to:

      • Not see internal host information when inspecting a serving certificate of the kubernetes API server

      so that I can achieve

      • No knowledge of internal names for the kubernetes cluster.

      From slack thread: https://redhat-external.slack.com/archives/C075PHEFZKQ/p1722615219974739 

      We need 4 different certs:

      • common sans
      • internal san
      • fqdn
      • svc ip

            sjenning Seth Jennings
            cewong@redhat.com Cesar Wong
            Jie Zhao Jie Zhao
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: