Hi; I can use this approach and remove the passthrough termination with the new re-encrypt termination using the wilcard certificate. The only problem is retrrieve the self signed CA generated by the registry.
Marcello On Tue, Oct 31, 2017 at 2:38 AM, Louis Santillan <lsant...@redhat.com> wrote: > Try this solution [0]. It mentions metrics but the general procedure > should also work for registry-console. > > [0] https://docs.openshift.com/container-platform/3.6/ > admin_solutions/certificate_management.html#change-app- > cert-to-ca-signed-cert > > ___________________________________________________ > > LOUIS P. SANTILLAN > > SENIOR CONSULTANT, OPENSHIFT, MIDDLEWARE & DEVOPS > > Red Hat Consulting, NA US WEST <https://www.redhat.com/> > > lpsan...@gmail.com M: 3236334854 > <https://red.ht/sig> > TRIED. TESTED. TRUSTED. <https://redhat.com/trusted> > > On Mon, Oct 30, 2017 at 12:30 PM, Marcello Lorenzi <cell...@gmail.com> > wrote: > >> Hi All, >> we tried to use the playbook /root/openshift-ansib >> le/playbooks/byo/openshift-cluster/redeploy-master-certificates.yml to >> deploy a custom certificates for the public hostname used for the master UI >> and API, but after the update via ansible the registry console doesn't work. >> >> We tried to restore the previous /etc/origin directory content on the >> master nodes and all works fine. >> >> Do we have to configure also the certificate for the registry before this >> update? >> >> Thanks, >> Marcello >> >> _______________________________________________ >> users mailing list >> users@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> >> >
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users