Support Tip: "Could not issue certificates" error and cluster pods go down

0 Likes

Many pods are in Status Crashloopback off. By default, the CDF root CA certificate is valid for 10 years. When you set the issue certificates TTL to 10 years, the issued certificates soon have an end date that's after the root CA certificate end date. In this situation, OpenSSL returns an error when you try to issue a certificate, and most of the pods in the cluster will go down with a certificate issuance error.

Read the resolution for this issue and the full Support Tip here.



Jessica Roth

Micro Focus Community Manager
If this answered your question, please mark it as "Suggest as Answer" or "Verify as Answer".
If you found this post useful, please give it a "Like".

Labels:

Support Tip
Comment List
Anonymous
Related Discussions
Recommended