[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

router certificate question

Hey all,


I have a cluster where we use an external HAProxy to terminate SSL and send traffic to the routers in the OpenShift cluster, so the routes within the cluster do not use TLS. It looks like when this cluster was setup, default certificates were given to the routers and are expiring soon (I get this when running the ansible easy-mode.yaml):


"router": [


          "cert_cn": "OU=Domain Control Validated:, CN=*.<redacted>.com:, DNS:*. <redacted>.com, DNS: <redacted>.com",

          "days_remaining": 11,

          "expiry": "2017-12-17 20:13:24",

          "health": "warning",

          "path": "/api/v1/namespaces/default/secrets/router-certs",

          "serial": <redacted>,

          "serial_hex": "<redacted>"




My question is, is it OK to let this expire without taking any action? How can I safely remove the default certificates to remove the warnings in the future?



Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]