This should cover the rekey scenario, you may have to limit to the master https://docs.openshift.com/container-platform/3.3/install_config/redeploying_certificates.html
On Mar 16, 2017, at 5:33 AM, Francisco Pérez Fernández <[email protected]> wrote: Hi, My OpenShift cluster is down, on attempting to restart the master I got the following errors (see screenshot "openshift-master.log"). I note the etcd master cert is expired: [root@openshift-master1]# for i in /etc/origin/master/*.crt;do echo $i; openssl x509 -in $i -noout -enddate; done /etc/origin/master/admin.crt notAfter=Feb 7 13:52:14 2018 GMT /etc/origin/master/ca.crt notAfter=Feb 6 13:52:12 2021 GMT /etc/origin/master/etcd.server.crt notAfter=Feb 7 13:52:13 2018 GMT */etc/origin/master/master.etcd-ca.crt* *notAfter=Feb 7 13:50:29 2017 GMT* */etc/origin/master/master.etcd-client.crt* *notAfter=Feb 7 13:51:41 2017 GMT* /etc/origin/master/master.kubelet-client.crt notAfter=Feb 7 13:52:12 2018 GMT /etc/origin/master/master.proxy-client.crt notAfter=Feb 7 13:52:13 2018 GMT /etc/origin/master/master.server.crt notAfter=Feb 7 13:52:13 2018 GMT /etc/origin/master/openshift-master.crt notAfter=Feb 7 13:52:13 2018 GMT /etc/origin/master/openshift-registry.crt notAfter=Feb 7 13:52:16 2018 GMT /etc/origin/master/openshift-router.crt notAfter=Feb 7 13:52:15 2018 GMT How can I regenerate this certificate without affecting others? Our Openshift infrastructure is: - 1 load balancer: openshift-lb - 2 master: openshift-master1 and openshift-master2 - 2 nodes: openshift-node1 and openshift-node2 - Version: 1.1.1.1 I do not know if this question has been solved before, since searching in the list is not easy :) Thank you so much. Best regards. P Please consider the environment before printing this e-mail. ------------------------------ This message including any attachments may contain confidential information, according to our Information Security Management System, and intended solely for a specific individual to whom they are addressed. Any unauthorised copy, disclosure or distribution of this message is strictly forbidden. If you have received this transmission in error, please notify the sender immediately and delete it. Thank you. ------------------------------ Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener información clasificada por su emisor como confidencial en el marco de su Sistema de Gestión de Seguridad de la Información siendo para uso exclusivo del destinatario, quedando prohibida su divulgación copia o distribución a terceros sin la autorización expresa del remitente. Si Vd. ha recibido este mensaje erróneamente, se ruega lo notifique al remitente y proceda a su borrado. Gracias por su colaboración. ------------------------------ Esta mensagem, incluindo qualquer ficheiro anexo, pode conter informação confidencial, de acordo com nosso Sistema de Gestão de Segurança da Informação, sendo para uso exclusivo do destinatário e estando proibida a sua divulgação, cópia ou distribuição a terceiros sem autorização expressa do remetente da mesma. Se recebeu esta mensagem por engano, por favor avise de imediato o remetente e apague-a. Obrigado pela sua colaboração. ------------------------------ <openshift-master.log> _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
