Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-14031

Invalid CA certificate bundle provided by service account token

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 4.12.z
    • 4.12.z
    • HyperShift
    • No
    • Proposed
    • False
    • Hide

      None

      Show
      None

    Description

      This is a clone of issue OCPBUGS-13168. The following is the description of the original issue:

      Description of problem:

      oc login --token=$token
--server=https://api.dalh-dev-hs-2.05zb.p3.openshiftapps.com:443 --certificate-authority=ca.crt
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.

      The referenced "ca.crt" comes from the Secret created when a Service Account is created.

      Version-Release number of selected component (if applicable): 4.12.12

      How reproducible: Always

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-13168 Invalid CA certificate bundle provided by service account token

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-14030 Invalid CA certificate bundle provided by service account token

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          links to

          GitHub openshift/hypershift#2600: [release-4.12] OCPBUGS-14031: Include default ingress CA in root CA bundle

          Activity

            People

              agarcial@redhat.com Alberto Garcia Lamela
              openshift-crt-jira-prow OpenShift Prow Bot
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: