ibotty
commented
7 years ago Yes, that's right. Any idea how an api should look like? I prefer being explicit which domains to combine.
Open mguillem opened 7 years ago
ibotty
commented
7 years ago Yes, that's right. Any idea how an api should look like? I prefer being explicit which domains to combine.
ibotty
commented
7 years ago Oh, you mean routes with paths. Yeah, that's a bug, I introduced when going from secrets to just storing the certificates in the route.
mguillem
commented
7 years ago What was the motivation for moving away from the secrets?
ibotty
commented
7 years ago It did not work for some people, I guess because of bugs in openshift. Additionally, having the certificates in two places (the route and a secret) is not nice. I really do hope, that routes when they get rebased on top of ingresses additionally have a way to reference a secret.
ibotty
commented
7 years ago I don't have much time now, can you please test the path-routes branch? It should fix that part (and lay the foundation of grouping certificates).
ibotty
commented
7 years ago Did you have a chance to test the branch?
According to the log (and my understanding of the code), it seems that a new certificate is requested for each route, even if the host name is the same. This is a problem due to the rate limit of letsencrypt.
In our case, multiple routes are used to map different services to sub paths.