Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-13168

Invalid CA certificate bundle provided by service account token

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • 4.14.0
    • 4.13.z, 4.12.z, 4.14.0
    • HyperShift
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • No
    • None
    • Rejected
    • Hypershift Sprint 236, Hypershift Sprint 237
    • 2
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      oc login --token=$token
      --server=https://api.dalh-dev-hs-2.05zb.p3.openshiftapps.com:443 --certificate-authority=ca.crt
      The server uses a certificate signed by an unknown authority.
      You can bypass the certificate check, but any data you send to the server could be intercepted by others.
      

      The referenced "ca.crt" comes from the Secret created when a Service Account is created.

      Version-Release number of selected component (if applicable): 4.12.12

      How reproducible: Always

              cewong@redhat.com Cesar Wong
              wgordon.openshift Will Gordon
              None
              None
              Jie Zhao Jie Zhao
              None
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: