-
Bug
-
Resolution: Done
-
Normal
-
4.17.z
-
Quality / Stability / Reliability
-
False
-
-
None
-
None
-
None
-
All
-
Production
-
None
-
None
-
None
-
Done
-
Bug Fix
-
-
None
-
None
-
None
-
None
This is a clone of issue OCPBUGS-60381. The following is the description of the original issue:
—
Description of problem:
Hosted cluster has certificate deployed with two SAN entries
Version-Release number of selected component (if applicable):
OCP-4.17.z | ACM 2.12 | MCE 2.7.5
How reproducible:
Hosted cluster deployed with SAN certificate with two DNS hostnames.
Steps to Reproduce:
1. Deploy hosted cluster, use same certificate for API and OAuth Endpoint 2. Error custom serving cert: Invalid value: []string{"api.prod-scale-spoke1-aws-us-east-1.prod-scale-mgmthub1-aws-us-east-1.itup.redhat.com", "oauth.prod-scale-spoke1-aws-us-east-1.prod-scale-mgmthub1-aws-us-east-1.itup.redhat.com"}: conflicting DNS names found in KAS SANs. Configuration is invalid
ValidConfiguration condition is false: custom serving cert: Invalid value: []string{"api.prod-scale-spoke1-aws-us-east-1.prod-scale-mgmthub1-aws-us-east-1.itup.redhat.com", "oauth.prod-scale-spoke1-aws-us-east-1.prod-scale-mgmthub1-aws-us-east-1.itup.redhat.com"}: conflicting DNS names found in KAS SANs. Configuration is invalid
Actual results:
Expected results:
Hosted cluster should allow certificate with multiple entries
Additional info:
Please see attached full hostedcluster manifest
- blocks
-
OCPBUGS-60485 Hostedcluster error about two DNS name in SAN certificate
-
- Closed
-
- clones
-
OCPBUGS-60381 Hostedcluster error about two DNS name in SAN certificate
-
- Verified
-
- is blocked by
-
OCPBUGS-60381 Hostedcluster error about two DNS name in SAN certificate
-
- Verified
-
- is cloned by
-
OCPBUGS-60485 Hostedcluster error about two DNS name in SAN certificate
-
- Closed
-
- links to