Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
3 - Krack the whip, 4 - Operation Krack-down
-
1
Description
When the full PKI expires root & client certs then attempts to call reloadNodeCertificate fails even if user has managed to upgrade secrets and new certs are actually mounted within Couchbase.
Therefore, as a last resort we will break TLS policy and do plain-text or no-verify and reload new certs. ONLY if a flag has been set to allow this (crd change).
Attachments
Issue Links
- relates to
-
K8S-2855 CAO: Docs for TLS Update
- Resolved