Closed c3s4 closed 2 years ago
An update: I can confirm that every time I use this ansible role I broke everything. I have a multi tenants app (about 15 tenants at the moment). I ran right a couple of hour ago the ansible playbook to update stuff and now all certificates are invalid for Chrome on mac 😱 .
Any idea?
Hi, digging a lot more I found out the actual problem was in the merging script to create a cert from fullchain and privkey for haproxy. For some strange reason, was working until last month. I fixed the merging role and everything works like a charm.
Sorry for this unuseful issue. I close it.
Cheers
Hi, I'm experiencing a strange issue. If i create a new certificate with this role I get a certificate that is invalid in Chrome on mac OS Big Sur. This is because Chrome "sees" an invalid Root certificate, the DST Root CA X3, but Firefox sees the new one: ISRG Root X1.
I'm posting this issue here because, if I run the
command manually, the generated certificate works as expected.