Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-8652

dataplane deployment fails in create tls cert when using fqdn > 64bytes

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Blocker Blocker
    • rhos-18.0.0
    • rhos-18.0.0
    • openstack-operator
    • None
    • Critical

      When bmh are used with long DNS names, the cert generation fails with

      TLSInput error occured in TLS sources admission webhook "webhook.cert-manager.io" denied the request: spec.commonName: Too long: must have at most 64 bytes

       

      The `CommonName` of a tls cert has a max length of 64 bytes. The `dnsNames` should be used instead. 

      From https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources
       
       

      # The use of the common name field has been deprecated since 2000 and is # discouraged from being used.
commonName: example.com  

       
       
       

              rhn-engineering-owalsh Oliver Walsh
              rhn-support-mschuppe Martin Schuppert
              rhos-dfg-ospk8s
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: