SSL symbolic links pointing to wrong file
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Dashboard Charm |
New
|
Undecided
|
Unassigned | ||
Bug Description
After a new deployment using vault for certificates I have been unable to get this working on split networks.
I have three spaces:
oam-space
internalapi
externalapi
openstack-dashboard config:
vip: 10.14.64.205
os-public-hostname: dashboard.
and the DNS server is MAAS which holds the PTR record.
this meets all the needs of vault to create the certificate but never links them in the right places.
when openstack-dashboard deploys it creates a certificate for the oam-space and then links this to the external space certificates
root@juju-
total 40
4 dr-xr-xr-x 2 root root 4096 Dec 8 15:47 .
4 dr-xr-xr-x 3 root root 4096 Dec 8 15:40 ..
4 lrwxrwxrwx 1 root root 83 Dec 8 15:43 cert_10.1.103.18 -> /etc/apache2/
4 lrwxrwxrwx 1 root root 83 Dec 8 15:47 cert_10.14.64.205 -> /etc/apache2/
4 -rw-r----- 1 root root 3077 Dec 8 15:47 cert_dashboard.
4 -rw-r----- 1 root root 3110 Dec 8 15:47 cert_eth2.
4 lrwxrwxrwx 1 root root 82 Dec 8 15:43 key_10.1.103.18 -> /etc/apache2/
4 lrwxrwxrwx 1 root root 82 Dec 8 15:47 key_10.14.64.205 -> /etc/apache2/
4 -rw-r----- 1 root root 1674 Dec 8 15:47 key_dashboard.
4 -rw-r----- 1 root root 1678 Dec 8 15:47 key_eth2.
Even with a reissue from vault and removing the relation and adding this back in it keeps the links as is.
I have to delete all files and reissue.
This feels like a race condition
