Hello,
Has anyone been able to get a wildcard cert chain working successfully in an 
OSE3.3 HA configuration?
I believe my issue resides in the way I'm encoding the PEM file and presenting 
it with Ansible.  Any help would be greatly appreciated.

Current config is 3 masters/etcd, 3 nodes, a master_lb, and external NFS 
storage.

I've been using this command to try and update the existing cluster with our 
wildcard cert, i.e. *.cloudapps.example.com

ansible-playbook -i /root/.config/openshift/hosts \
  /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/redeploy-certificates.yml \
  --extra-vars "openshift_certificates_redeploy_ca=true"

The hosts file regarding this change looks like this, with the domain changed:
openshift_master_cluster_public_hostname=lb.cloudapps.example.com
openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{"certfile": "/tmp/certs/fullpem.crt", "keyfile": "/tmp/cloudapps.example.com.key", "names": ["*.cloudapps.example.com"]}]

I've encoded the fullpem.crt as the following from top to bottom:
keyfile
wildcard cert
intermediate cert
root cert

Any help would be greatly appreciated!


C. Conor Flynn


_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
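
An added example, not part of the original post: a small Python check that lists the PEM blocks of a bundle such as /tmp/certs/fullpem.crt in order and reports private-key blocks or a non-certificate first block before the file is handed to Ansible. The function names and the sample bundles are assumptions; the samples are constructed from a tiny DER stub, not real certificates or keys.

```python
import base64
import re

# One PEM block: BEGIN line, body, END line carrying the same label.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.DOTALL)

def inspect_bundle(pem_text):
    """Return (labels in file order, list of findings) for a PEM bundle."""
    labels, findings = [], []
    for index, match in enumerate(PEM_BLOCK.finditer(pem_text), start=1):
        label, body = match.group(1), match.group(2)
        labels.append(label)
        if label.endswith("PRIVATE KEY"):
            findings.append(f"block {index}: {label} inside the certificate bundle")
        elif label == "CERTIFICATE":
            try:
                der = base64.b64decode("".join(body.split()), validate=True)
            except ValueError:
                findings.append(f"block {index}: body is not valid base64")
                continue
            # An X.509 certificate is a DER SEQUENCE, so it starts with 0x30.
            if not der.startswith(b"\x30"):
                findings.append(f"block {index}: body is not a DER SEQUENCE")
    if not labels:
        findings.append("no PEM blocks found")
    elif labels[0] != "CERTIFICATE":
        findings.append(f"first block is {labels[0]}, not CERTIFICATE")
    return labels, findings

def make_block(label):
    """Constructed placeholder block: a 5-byte DER stub, not a real cert/key."""
    body = base64.b64encode(b"\x30\x03\x02\x01\x01").decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"

# Constructed sample: the block order described in the post (key label assumed).
SAMPLE_POST_ORDER = make_block("RSA PRIVATE KEY") + make_block("CERTIFICATE") * 3
# Constructed sample: certificates only (leaf, intermediate, root).
SAMPLE_CERTS_ONLY = make_block("CERTIFICATE") * 3

if __name__ == "__main__":
    for name, text in (("post order", SAMPLE_POST_ORDER),
                       ("certs only", SAMPLE_CERTS_ONLY)):
        labels, findings = inspect_bundle(text)
        print(name, labels, findings or "no findings")
```

To check a real file, pass its contents to inspect_bundle, for example inspect_bundle(open("/tmp/certs/fullpem.crt").read()).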
