Uploaded image for project: 'Couchbase Kubernetes'
  1. Couchbase Kubernetes
  2. K8S-2852

Allow rotation of expired certs

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 2.4.0
    • None
    • operator
    • 3 - Krack the whip, 4 - Operation Krack-down
    • 1

    Description

      When the full PKI expires root & client certs then attempts to call reloadNodeCertificate fails even if user has managed to upgrade secrets and new certs are actually mounted within Couchbase.

      Therefore, as a last resort we will break TLS policy and do plain-text or no-verify and reload new certs. ONLY if a flag has been set to allow this (crd change).

      Attachments

        Issue Links

          For Gerrit Dashboard: K8S-2852
          # Subject Branch Project Status CR V

          Activity

            People

              tommie Tommie McAfee (Inactive)
              tommie Tommie McAfee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty