Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-13168

Invalid CA certificate bundle provided by service account token

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • 4.14.0
    • 4.13.z, 4.12.z, 4.14.0
    • HyperShift
    • No
    • Hypershift Sprint 236, Hypershift Sprint 237
    • 2
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      oc login --token=$token
--server=https://api.dalh-dev-hs-2.05zb.p3.openshiftapps.com:443 --certificate-authority=ca.crt
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.

      The referenced "ca.crt" comes from the Secret created when a Service Account is created.

      Version-Release number of selected component (if applicable): 4.12.12

      How reproducible: Always

              cewong@redhat.com Cesar Wong
              wgordon.openshift Will Gordon
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: