Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-65964

[must-gather-operator] HTTPS_PROXY injection requires CA certificate injection

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • 4.20.z, 4.21.0
    • must-gather
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      The Support Log Gather operator is supported on a Proxy-based cluster i.e. it can inject HTTP_PROXY, et al. env vars on the Pod that uploads the must-gather tar to Red Hat customer support portal servers.

An user of OpenShift with HTTPS_PROXY cluster ALWAYS requires a well-known CA to be injected in order to allow transfers over the network.

      Version-Release number of selected component (if applicable):

      support-log-gather-operator.v4.20.0-202511182227, 

OpenShift v4.20.3

      How reproducible:

      Always

      Steps to Reproduce:

      Create a cluster with HTTPS_PROXY,

Install support-log-gather-operator through OLM,

Create a MustGather object with uploadTarget,

Upload to access.redhat.com will fail with CA verification error.

      Actual results:

      SSL certificate problem: failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it  

      Expected results:

      Pod launched by the operator for uploading tar to Red Hat servers, should inject TRUSTED_CA or similar.

      Additional info:

       

              tgeer@redhat.com Trilok Geer
              swghosh@redhat.com Swarup Ghosh
              None
              None
              Keenon Lee Keenon Lee
              None
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: