Certificate generation: incorrect intermediate CA used

viccross / ansible-playbooks

My collection of Ansible playbooks for various tasks (dominated by Openshift, currently)

Apache License 2.0

2 stars 3 forks source link

Certificate generation: incorrect intermediate CA used #216

Open viccross opened 4 months ago

viccross commented 4 months ago

The regen-certificates.yml playbook failed when importing certificates into the GSKit DB for LDAP. The task create-certificate.yml uses an old copy of oqsCA.cert (and matching key) instead of the oqsCA-{{ cluster_base_domain }}.cert created during zvm-ipconf.

viccross commented 4 months ago

Huh? On the lab ELANs the oqsCA.cert is the correct file -- I don't know where the one with a domain name attached came from...

viccross commented 3 months ago

Certificates on ELANDEV1 are failing verification -- looks like this is not an issue for the build systems, but for the dev system itself...