Closed StefanSa closed 3 years ago
Hi StefanSa, I was wondering which version of OpenSSL you're using. Perhaps this error could be correlated with an old version of it. Do you have the configuration you used to get to this problem, so we can investigate?
Ps. Sorry, I read your post to cert-manager
Hi @SimeonPoot
thanks for your answer.
What is noticeable is that the ca.crt
on the certificate differs significantly from the ca in the caBundle
, just in terms of length / size.
For this reason alone, i think that the ca.crt
is defective, i just ask why. I use opensuse leap with the corresponding openssl.
Why is the ca.crt not identical to the caBundle. i used the Docker image "pietere / controller", not binary that i compiled myself.
The interesting thing about this is that all other certificates are valid and correctly issued by the ADCS, only the ca.crt
causes problems. Which configuration do you need from me so that I can make it easier for you to look for this error?
Thanks for your time and help.
I understand, ok! You're using that image. Good to know, perhaps an idea to compile the binary from the code locally and see if this fixes your issue. I think it's just a matter of building the docker image. Let's see if that fixes your problem. I might have some time next week to check it out otherwise.
@SimeonPoot Thank you for the wink with the image, that was exactly the problem. Own image created and rolled out in k8s, now everything works as expected. Thanks again.
Hi there, the correct caBundele is registered to the Adcs issuer. But the generated "ca.crt" in the certificate is not valid, readable. What am i doing wrong here?
Thanks for any help. @SimeonPoot, i use your fork (thanks)