Details
Description
When rhpam-triel environment is deployed with PIM by operator on OCP4, kie-server and business central can't be accessed over SSL(https).
Here is an example CR yaml.
apiVersion: app.kiegroup.org/v2 kind: KieApp metadata: name: pimtest spec: environment: rhpam-trial commonConfig: adminUser: adminuser adminPassword: password startupStrategy: strategyName: OpenShiftStartupStrategy objects: processMigration: database: type: postgresql
The following routes are created.
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD console-cr-form console-cr-form-op1.apps.test712.lab.upshift.xxx.redhat.com console-cr-form <all> reencrypt None pimtest-kieserver pimtest-kieserver-op1.apps.test712.lab.upshift.xxx.redhat.com pimtest-kieserver https None pimtest-kieserver-http pimtest-kieserver-http-op1.apps.test712.lab.upshift.test.redhat.com pimtest-kieserver http None pimtest-process-migration pimtest-process-migration-op1.apps.test712.lab.upshift.xxx.redhat.com pimtest-process-migration http None pimtest-rhpamcentr pimtest-rhpamcentr-op1.apps.test712.lab.upshift.xxx.redhat.com pimtest-rhpamcentr https None pimtest-rhpamcentr-http pimtest-rhpamcentr-http-op1.apps.test712.lab.upshift.xxx.redhat.com pimtest-rhpamcentr http None
Both http and https routes are created for kieserver and business central respectively. But in https route, tls is not configured.
spec: host: pimtest-kieserver-op1.apps.test712.lab.upshift.xxx.redhat.com port: targetPort: https to: kind: Service name: pimtest-kieserver weight: 100 wildcardPolicy: None
Further more, keystore is not created on both kieserver and business central pods even if keystore secrets are specified explicitly for both in CR yaml. Therefore, SSL is not enabled on both pods .