Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-13168

Invalid CA certificate bundle provided by service account token

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • 4.14.0
    • 4.13.z, 4.12.z, 4.14.0
    • HyperShift
    • No
    • Hypershift Sprint 236, Hypershift Sprint 237
    • 2
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      oc login --token=$token
--server=https://api.dalh-dev-hs-2.05zb.p3.openshiftapps.com:443 --certificate-authority=ca.crt
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.

      The referenced "ca.crt" comes from the Secret created when a Service Account is created.

      Version-Release number of selected component (if applicable): 4.12.12

      How reproducible: Always

            cewong@redhat.com Cesar Wong
            wgordon.openshift Will Gordon
            Jie Zhao Jie Zhao
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated: