So I found the reason whey the server wasn't starting - the certs need
to be copied to the directory where the configurations are. I was
pointing to them from a different location.
But I'm still not able to get the custom certs working.
If I define them in the assetConfig.ServingInfo section then the server
starts, but the web console doesn't use them.
If I define them in the servingInfo section (just change the certFile,
clientCA and keyFile props) then the server doesn't start.
Is there a description of what all these certificates are used for and
how to use custom certificates anywhere?
Tim
On 28/07/2017 13:30, Cesar Wong wrote:
Hi Tim,
You may want to enable additional logging by running 'oc cluster up
--loglevel=5 --server-loglevel=5
If the origin container can't start, there's something wrong with the
master-config.yaml (could be as simple as a formatting issue)
On Jul 28, 2017, at 6:17 AM, Tim Dudgeon <[email protected]> wrote:
I'm trying to work out how to deploy custom certificates so that the OS console
doesn't complain about untrested certs.
I've obtained certificates using Let's Encrypt, so have the following files:
cert.pem chain.pem fullchaim.pem privkey.pem
Now I try to update my master-config.yaml to use these.
I was thinking that the minimum needed would be to edit:
assetConfig.ServingInfo.certFile to point to fullchain.pem
assetConfig.ServingInfo.keyFile to point to privkey.pem
and leave assetConfig.ServingInfo.clientCA as empty.
I made no other changes.
Unfortunately this does not work. oc cluster up fails badly without saying much
that is useful:
Starting OpenShift using openshift/origin:v3.6.0-rc.0 ...
-- Checking OpenShift client ... OK
-- Checking Docker client ... OK
-- Checking Docker version ... OK
-- Checking for existing OpenShift container ...
Deleted existing OpenShift container
-- Checking for openshift/origin:v3.6.0-rc.0 image ... OK
-- Checking Docker daemon configuration ... OK
-- Checking for available ports ... OK
-- Checking type of volume mount ...
Using nsenter mounter for OpenShift volumes
-- Creating host directories ... OK
-- Finding server IP ...
Using 127.0.0.1 as the server IP
-- Starting OpenShift container ...
Starting OpenShift using container 'origin'
FAIL
Error: could not start OpenShift container "origin"
Details:
No log available from "origin" container
Any pointers to how to do this correctly?
Thanks
Tim
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
