Hello, Has anyone been able to get a wildcard cert chain working successfully in a OSE3.3 HA configuration successfully? I believe my issue resides in the way I'm encoding the PEM file and presenting it with Ansible. Any help would be greatly appreciated.
Current config is 3 masters/etcd, 3 nodes, a master_lb, and an external nfs storage. I've been using this command to try and update the existing cluster with our wildcard cert. IE: *.cloudapps.example.com ansible-playbook -i /root/.config/openshift/hosts /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/redeploy-certificates.yml --extra-vars "openshift_certificates_redeploy_ca=true" the hosts file regarding this change looks like this with the domain changed: openshift_master_cluster_public_hostname=lb.cloudapps.example.com openshift_master_overwrite_named_certificates=true openshift_master_named_certificates=[{"certfile": "/tmp/certs/fullpem.crt", "keyfile": "/tmp/cloudapps.example.com.key", "names": ["*.cloudapps.example.com"]}] I've encoded the fullpem.crt as the following from top to bottom: keyfile wildcard cert intermediate cert root cert Any help would be greatly appreciated! C. Conor Flynn _______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users