-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.18.z
-
Quality / Stability / Reliability
-
False
-
-
2
-
Moderate
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
Starting with upstream cert-manager 1.16.z there is now a size limitation placed on certificates, https://github.com/cert-manager/cert-manager/pull/7401.
Version-Release number of selected component (if applicable):
cert-manager 1.16
How reproducible:
Every time you request a larger certificate
Steps to Reproduce:
1. Install latest cert-manager 1.16
2.Create certificate that is larger than maximum allowed size (https://github.com/cert-manager/cert-manager/blob/release-1.16/internal/pem/decode.go#L51)
Actual results:
cert-manager refuses to request the certificate
Expected results:
cert-manager successfully requests the certificate (just like in cert-manager 1.14)
Additional info:
The upstream fixes for cert-manager 1.17.z are already merged. But these fixes are not in an upstream 1.17.z release yet.
- https://github.com/cert-manager/cert-manager/pull/7967
- https://github.com/cert-manager/cert-manager/pull/7965
Asking for Red Hat to pull these upstream fixes into an upcoming Red Hat cert-manager 1.17.z release.