You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
using kind: RabbitmqCluster
and set both spec.tls.secretName and spec.tls.caSecretName, the operator set the same value for both files, being this value the CA cert.
To Reproduce
Steps to reproduce the behavior:
this are the manifests I have deploy (I am using cert manager and nginx controller)
reference:
3. Exec sh in pod and check cert files in /etc/rabbitmq-tls folder
4. If in RabbitmqCluster, I set only secretName it works, but I can't use mlts:
Expected behavior
/etc/rabbitmq-tls/tls.crt and /etc/rabbitmq-tls/ca.crt should be different, the first one is the server cert, the second is the CA used to validate client certificate.
rabbitmq@rabbitmq2-server-0:/$ cat /etc/rabbitmq-tls/ca.crt
-----BEGIN CERTIFICATE-----
xxxxx
-----END CERTIFICATE-----```
being xxxxx the same content...
## Version and environment information
- RabbitMQ: 3.13.1
- RabbitMQ Cluster Operator: 2.8.0
- Kubernetes: v1.27.2
- Cloud provider or hardware configuration: running in OKE
The text was updated successfully, but these errors were encountered:
michaelklishin
changed the title
/etc/rabbitmq-tls/tls.crt is reemplaced with CA when using both secretName and caSecretName
/etc/rabbitmq-tls/tls.crt is overwritten with CA certificate when both secretName and caSecretName are set
May 31, 2024
Describe the bug
using kind: RabbitmqCluster
and set both spec.tls.secretName and spec.tls.caSecretName, the operator set the same value for both files, being this value the CA cert.
To Reproduce
Steps to reproduce the behavior:
reference:
3. Exec sh in pod and check cert files in /etc/rabbitmq-tls folder
4. If in RabbitmqCluster, I set only secretName it works, but I can't use mlts:
Expected behavior
/etc/rabbitmq-tls/tls.crt and /etc/rabbitmq-tls/ca.crt should be different, the first one is the server cert, the second is the CA used to validate client certificate.
Other details
The text was updated successfully, but these errors were encountered: