Uploaded image for project: 'Couchbase Kubernetes'
  1. Couchbase Kubernetes
  2. K8S-2852

Allow rotation of expired certs

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 2.4.0
    • None
    • operator
    • 3 - Krack the whip, 4 - Operation Krack-down
    • 1

    Description

      When the full PKI expires root & client certs then attempts to call reloadNodeCertificate fails even if user has managed to upgrade secrets and new certs are actually mounted within Couchbase.

      Therefore, as a last resort we will break TLS policy and do plain-text or no-verify and reload new certs. ONLY if a flag has been set to allow this (crd change).

      Attachments

        Issue Links

          relates to

          Page - A new page either standalone or within a series of pages must be added K8S-2855 CAO: Docs for TLS Update

          • Major - Major loss of function.
          • Resolved
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              tommie Tommie McAfee (Inactive)
              tommie Tommie McAfee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty