It seems that openshift ansible only added: #namedCertificates: #- certFile: /etc/origin/master/named_certificates/cert.pem # keyFile: /etc/origin/master/named_certificates/privkey.pem # names: # - "n1.devcloud.cz"
into master-config.yaml But it still complains about non valid certificate. Can this be caused by letsencrypt certification authority? As in logs there are plenty of: x509: certificate signed by unknown authority David Strejc t: +420734270131 e: [email protected] On Thu, Mar 10, 2016 at 3:19 PM, David Strejc <[email protected]> wrote: > I've found that this is possible with openshift-ansible: > > openshift_master_overwrite_named_certificates = true > > and specifying certs in > > openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", > "keyfile": "/path/to/custom1.key"}] > > So I am now running ansible again. > > Anyway thanks for reply. > > David Strejc > t: +420734270131 > e: [email protected] > > On Thu, Mar 10, 2016 at 3:18 PM, Clayton Coleman <[email protected]> > wrote: > >> When you create new a new master cert you need to re-key all of the >> other components of the system - router, registry, service accounts, >> and nodes. I don't know that we have a single document that discusses >> re-keying, although I've seen reference to it recently. Jordan, do >> you know if there is a document / docs yet? >> >> On Thu, Mar 10, 2016 at 8:27 AM, David Strejc <[email protected]> >> wrote: >> > When I've changed default certificate which was created by >> openshift-ansible >> > for origin-master server >> > >> > - files /etc/origin/master/master.server.{crt,key} >> > >> > origin-master crashes after some time. >> > >> > Certificate is valid and fuctional at HAProxy. >> > >> > Where else I have to change this certificate? Should I change it on >> nodes >> > also? >> > >> > Thank you! >> > David Strejc >> > t: +420734270131 >> > e: [email protected] >> > >> > _______________________________________________ >> > users mailing list >> > [email protected] >> > http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> > >> > >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
