-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: gen-pkcs12-keystore adds ca.crt input option if it exists (#684) #685
base: main
Are you sure you want to change the base?
fix: gen-pkcs12-keystore adds ca.crt input option if it exists (#684) #685
Conversation
Thanks for the fix here @smoldenhauer-ish ! Is there a way we can add an integration test, which we already have that use cert-manager, to test this? They currently live in |
I'll need to have a look into solrcloud_tls_test.go and see if I am able to understand it and can add a test in the next days. |
…e#684) * Apply suggestions from code review Co-authored-by: Houston Putman <[email protected]>
…e#684) * add e2e test generating keystore with init container
@HoustonPutman applied your suggestions and added a test that will omit the initial creation of the keystore by the cert-manager and invokes the gen-pkcs12-keystore init container. The shell command executes but the openssl fails with the error: "No certificate matches private key" |
…e#684) * use -certfile option for ca.crt if present * add to changelog
I changed the double "-in" option into "-certfile ca.crt" to add the additional certificate(s) from an ca.crt entry into the created keystore.p12 With the -certfile option the additional ca.crt is added - the generated keystore.p12 contains the both certificates just like the cert-manager generated keystore. |
Hope this is good for merge, now. |
No description provided.