smoldenhauer-ish commented on PR #685: URL: https://github.com/apache/solr-operator/pull/685#issuecomment-2039609872
I changed the double "-in" option into "-certfile ca.crt" to add the additional certificate(s) from an ca.crt entry into the created keystore.p12 The double "-in" from the original code is not evaluated by openssl - currently with openssl 1.1.1 the last -in is used. So it fails, if that is the ca.crt, because there is "No certificate matches private key" the first -in tls.crt is ignored. With the -certfile option the additional ca.crt is added - the generated keystore.p12 contains the both certificates just like the cert-manager generated keystore. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org