Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] CommonName field in certificates may be too long #964

Open
ebaron opened this issue Oct 22, 2024 · 0 comments · May be fixed by #968
Open

[Bug] CommonName field in certificates may be too long #964

ebaron opened this issue Oct 22, 2024 · 0 comments · May be fixed by #968
Assignees
Labels
bug Something isn't working

Comments

@ebaron
Copy link
Member

ebaron commented Oct 22, 2024

There's a requirement that the spec.CommonName field of certificates be at most 64 characters. We should change our certificates to use constant short values for common name:

2024-10-22T20:17:49Z ERROR Reconciler error {"controller": "cryostat", "controllerGroup": "operator.cryostat.io", "controllerKind": "Cryostat", "Cryostat": {"name":"cryostat-sample","namespace":"cryostat-operator-system"}, "namespace": "cryostat-operator-system", "name": "cryostat-sample", "reconcileID": "c9d0f0c3-6727-4d81-8d77-df7fe3978012", "error": "admission webhook \"webhook.cert-manager.io\" denied the request: spec.commonName: Too long: must have at most 64 bytes"}

Each certificate already uses DNSNames, which override CommonName for hostname verification.

@ebaron ebaron added the bug Something isn't working label Oct 22, 2024
@andrewazores andrewazores moved this to Backlog in 4.0.0 release Nov 4, 2024
@andrewazores andrewazores self-assigned this Nov 5, 2024
@andrewazores andrewazores moved this from Backlog to In progress in 4.0.0 release Nov 5, 2024
@andrewazores andrewazores linked a pull request Nov 5, 2024 that will close this issue
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
Status: In progress
Development

Successfully merging a pull request may close this issue.

2 participants