ibotty
commented
7 years ago I don't remember having had that problem.
Did you try the oc patch with the same credentials? (You can find them in /run/secrets/...)
Open macmacs opened 7 years ago
ibotty
commented
7 years ago I don't remember having had that problem.
Did you try the oc patch with the same credentials? (You can find them in /run/secrets/...)
ibotty
commented
7 years ago BTW: I plan to migrate to openshift-acme, because having two services that do the same thing is not in my interest. If you have not yet started using openshift-letsencrypt, you might prefer using the other project. That is, if you did not have reasons to prefer that project. If so, please do tell me, so I might reconsider.
macmacs
commented
7 years ago I tried oc patch ... with the service account's token and got The Route "<route>" is invalid: spec.tls: Invalid value: route.TLSConfig{...}: field is immutable
I think it's because of 15772.
The reason for this way of using openshift-letsencrypt was that I didn't get openshift-acme to work either....
ibotty
commented
7 years ago Is that on openshift-online or a diy installed openshift cluster? Am I correct, that it's openshift 3.6?
mcanevet
commented
6 years ago @ibotty do you mean this project is dead? If so, maybe you should put a notice in the README.md.
When I looked at the
watcherpod's log, I noticed, that all steps work fine. Even the generation of thedataobject to patch the route with is correct. I took thisdataobject and passed it to openshift viaoc patch route <route-name> -p <data>. This worked and the route was changed tohttps.By turning on debugging in
common.shviaset -xand removing2> /dev/nullin line 62 i got the messagecurl: (22) NSS: client certificate not found (nickname not specified).After this, cleanup proceeds and the route didn't change.
Any ideas, why this is failing?