Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: maistra-2.0.1
Affects Version/s: None
Component/s: None
Labels:
None

Blocked:
False
Ready:
False
Release Note Text:
Undefined
Git Pull Request:
https://github.com/maistra/istio-operator/pull/633
Market:

Sprint:
MAISTRA 2.0.1

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When the control plane is configured to use a custom key for signing, the webhooks' CABundle is not updated and the installation/update fails, as the create/update calls for istio resources fail with validation errors.

Steps to reproduce:

Create cacerts secret in the target namespace using the example certs in istio.io/istio/samples/certs, e.g.: oc create secret generic cacerts --from-file path/to/istio/samples/certs
Install control plane with following security settings:

spec:
  security:
    certificateAuthority:
      type: Istiod
      istiod:
        type: PrivateKey

is related to

MAISTRA-2040 Installation fails with 'certificate signed by unknown authority'

Closed

Assignee:: Daniel Grimm

Reporter:: Rob Cernich

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2020/11/13 12:50 PM

Updated:: 2021/02/16 12:40 PM

Resolved:: 2021/02/16 12:40 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates