Certs don't include trust chain, breaking intermediate CA
Bug #1891556 reported by
Cory Johns
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Etcd Charm |
Fix Released
|
Medium
|
Unassigned | ||
Kubernetes Control Plane Charm |
Fix Released
|
Medium
|
Unassigned | ||
Kubernetes Worker Charm |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Originally reported here: https:/
When certs are written using the tls-client layer, the chain isn't included. This works fine if the cert is signed directly by a trusted CA, but if an intermediate CA is used (e.g., Vault), then the trust chain is required to validate the cert.
PR: https:/
Changed in charm-kubernetes-master: | |
status: | New → Fix Committed |
Changed in charm-kubernetes-worker: | |
status: | New → Fix Committed |
Changed in charm-kubernetes-master: | |
milestone: | none → 1.19 |
Changed in charm-kubernetes-worker: | |
milestone: | none → 1.19 |
Changed in charm-kubernetes-master: | |
importance: | Undecided → Medium |
Changed in charm-kubernetes-worker: | |
importance: | Undecided → Medium |
Changed in charm-etcd: | |
status: | Fix Committed → Fix Released |
Changed in charm-kubernetes-master: | |
status: | Fix Committed → Fix Released |
Changed in charm-kubernetes-worker: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.