Hi folks, On 3/26/19 4:48 PM, Harald Dunkel wrote:
Problem is: I see all certificates in /etc/origin/master and especially /etc/origin/master/named_certificates, but apparently the web interface doesn't use it. openssl tells me: % openssl s_client -connect okd01.example.com:8443 depth=1 CN = openshift-signer@1553169466 verify error:num=19:self signed certificate in certificate chain CONNECTED(00000003) --- Certificate chain 0 s:/CN=172.19.96.96 i:/CN=openshift-signer@1553169466 1 s:/CN=openshift-signer@1553169466 i:/CN=openshift-signer@1553169466 --- : :
This seems to come up only, if the web browser runs in the same subnet as the web interface. If the browser runs in another subnet (e.g. on my laptop connected via IPsec), then I see the expected certificate chain. Every helpful comment is highly appreciated Harri _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
