Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: quay-v3.6.0
Affects Version/s: None
Component/s: quay-operator
Labels:

Blocked:
False
Ready:
False
Release Note Text:
Undefined
Git Pull Request:
https://github.com/quay/quay-operator/pull/453
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

An initial creation of a root ca is fine... but do not recreate the root ca with every restart...
The recreation will break reencrypted routes and has as a drawback the "trust-the-new-root-ca"-procedure.

If the QuayRegistry is restarting (by any reason) the already existing root ca should be reuse... as long as it is still a valid one!

Maybe the Quay operator should hold one "Quay root ca" for the whole cluster and sign freshly made certs with this "operator root ca"!

causes

PROJQUAY-2026 Quay operator: Config editor fails to validate SSL settings

Closed

is duplicated by

PROJQUAY-1646 Quay config app regenerates the certs on each reconcile

Closed

Assignee:: Ricardo Maraschini (Inactive)

Reporter:: Lars Bohnsack

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2021/04/06 5:20 AM

Updated:: 2021/11/01 2:53 PM

Resolved:: 2021/05/14 9:10 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates