Uploaded image for project: 'OpenShift Hosted Control Plane'
  1. OpenShift Hosted Control Plane
  2. HOSTEDCP-1861

Break up the default Kubernetes API serving certificate into multiple certificates

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • None
    • Strategic Product Work
    • False
    • None
    • False
    • OCPSTRAT-460 - Optimized HyperShift Operator Deployment on AKS and Adaptive Environment Detection
    • Hypershift Sprint 258
    • 0
    • 0
    • 0

      User Story:

      As an end user of a hypershift cluster, I want to be able to:

      • Not see internal host information when inspecting a serving certificate of the kubernetes API server

      so that I can achieve

      • No knowledge of internal names for the kubernetes cluster.

      From slack thread: https://redhat-external.slack.com/archives/C075PHEFZKQ/p1722615219974739 

      We need 4 different certs:

      • common sans
      • internal san
      • fqdn
      • svc ip

              sjenning Seth Jennings
              cewong@redhat.com Cesar Wong
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: