Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-1062

quay-bridge webhook-create-signed-cert.sh creates a certificate valid for only 65 days

    XMLWordPrintable

Details

    Description

      webhook-create-signed-cert.sh create a certificate that is valid for only 65 days. After 65 days, Openshift cannot launch any new build. The cert must be deleted and recreated then the quay-bridge operator must be uninstalled and reinstalled.

      To check the validity of the certs :
      1. oc get secret quay-bridge-operator-webhook-certs -n openshift-operators -o yaml
      2. Decode the certificate from the yaml, which is in base64 (certs.pem: ) with
      [https://www.base64decode.org/
      ]
      3. Copy the result in a file, cert.pem
      4. openssl x509 -in cert.pem -text -noout
      Validity
      Not Before: Aug 27 12:43:04 2020 GMT
      Not After : Sep 19 12:29:41 2020 GMT

      Expected results:
      1. we should be able to pass a period as an argument to the webhook-create-signed-cert.sh
      2. Openshit must report that this certificate has expired and must be replaced

      Attachments

        Activity

          People

            rhn-coreos-amerdler Alec Merdler
            michael.lessard Michael Lessard (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: