Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-8381

Console shows x509 error when requesting token from oauth endpoint

    XMLWordPrintable

Details

    • No
    • Hypershift Sprint 233
    • 1
    • Proposed
    • False
    • Hide

      None

      Show
      None

    Description

      Derscription of problem:

      On a hypershift cluster that has public certs for OAuth configured, the console reports a x509 certificate error when attempting to display a token

      Version-Release number of selected component (if applicable):

      4.12.z

      How reproducible:

      always

      Steps to Reproduce:

      1. Create a hosted cluster configured with a letsencrypt certificate for the oauth endpoint.
2. Go to the console of the hosted cluster. Click on the user icon and get token.

      Actual results:

      The console displays an oauth cert error

      Expected results:

      The token displays

      Additional info:

      The hcco reconciles the oauth cert into the console namespace. However, it is only reconciling the self-signed one and not the one that was configured through .spec.configuration.apiserver of the hostedcluster. It needs to detect the actual cert used for oauth and send that one.

       

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-10586 Console shows x509 error when requesting token from oauth endpoint

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-10587 Console shows x509 error when requesting token from oauth endpoint

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-10586 Console shows x509 error when requesting token from oauth endpoint

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-10587 Console shows x509 error when requesting token from oauth endpoint

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          links to

          GitHub openshift/hypershift#2279: OCPBUGS-8381: Use appropriate serving certificate for OAuth

          mentioned on

          GitLab Merge request - Bump IBM integration to our latest prod image.

          Activity

            People

              cewong@redhat.com Cesar Wong
              cewong@redhat.com Cesar Wong
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: