Nagios charm needs to handle self-signed SSL certificate expiration.
Bug #1903353 reported by
Paul Goins
This bug affects 5 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Nagios Charm |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
On a customer cloud using the self-signed certificate option, the certificate has expired. However, the charm does not appear to have anything in place for dealing with this. It creates the certificate one and only one time.
Changed in charm-nagios: | |
status: | New → Triaged |
importance: | Undecided → Medium |
To post a comment you must log in.
The certificate is generated by charmhelpers, and it looks like the expiration is hard-coded to 365 days. If this expires, there is no charmed action to manage this.
The workaround is likely as follows:
* Delete the /etc/ssl/ certs/< ip>.pem and /etc/ssl/ private/ <ip>.key files
* Run the config-changed hook by hand.