-
Bug
-
Resolution: Done
-
Critical
-
quay-v3.5.0
-
False
-
False
-
Undefined
-
Description:
This is an issue found when configure quay to LDAPS as quay authentication, after upload the SSL cert of LDAPS via quay config editor, get error "Error: Cannot read public key. OID is not RSA".
Now the behavior is even quay configure editor show the status of the SSL cert as "Error: Cannot read public key. OID is not RSA", but with the uploaded SSL Cert, using quay configure editor the validation with LDAPS was passed.
pls confirm the expected behavior, if Quay configure editor think this SSL cert is not compliance with FIPS standards, it should not allow to use.
If the behavior is allow to user this cert, then after quay reconcile, it should not lost the LDPAS SSL Cert.
Upload SSL Cert of LDAPs hit Error:
Quay Index image:
Index image v4.7: registry-proxy.engineering.redhat.com/rh-osbs/iib:61289
Quay Version:
oc get pod NAME READY STATUS RESTARTS AGE quay-operator.v3.5.0-7489b8c4f-r4r6j 1/1 Running 0 94m quayregistry-clair-app-574699545c-54zvk 1/1 Running 0 12m quayregistry-clair-postgres-64b54bbdd6-zkhfz 1/1 Running 0 11m quayregistry-quay-app-696f67485b-wjv9t 1/1 Running 3 12m quayregistry-quay-config-editor-6559b644c4-k2nmn 1/1 Running 0 12m quayregistry-quay-database-6bb7c58f9b-djwcn 1/1 Running 0 11m quayregistry-quay-mirror-74ffcb868b-xbrt7 1/1 Running 1 11m quayregistry-quay-postgres-init-n4xsg 0/1 Completed 0 12m quayregistry-quay-redis-f5ff84947-rg676 1/1 Running 0 12m oc get pod quayregistry-quay-app-696f67485b-wjv9t -o json | jq '.spec.containers[0].image' "registry.redhat.io/quay/quay-rhel8@sha256:0444c7b452a14e0c87ee56f9aa72c54484333c38b0a95de9a4f11f6177273f26"
