According to ceph own docs - https://docs.ceph.com/en/quincy/mgr/dashboard/?highlight=certificate#ssl-tls-support 'dashboard' commands do take per-name/mgr certs, case into account, there should be no need to go to 'config' directly. Those cmds seem to work - meaning they create config paths and values - I see:
-> $ ceph config-key get mgr/dashboard/podster2.mine.priv/crt
-> $ ceph config-key get mgr/dashboard/podster2.mine.priv/key
But it seems that whatever is "global" - is under mgr/dashboard/key|cert - takes precedence and per-node/mgr certs are ignored by ceph, namely, if I do:
-> $ ceph dashboard create-self-signed-cert
then, I do per-node cert (with FQDN or with short hostname), self-signed dashboard cert will be still in effect, on all nodes/mgrs.
Would this be a bug - could anybody confirm/reproduce?
many thanks, L
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io

Reply via email to