Bug: ApplicationGateway CRD's sslCertificates is not picked from kubernetes Secret #4112

Closed
SundarMunichamy opened this issue Jun 19, 2024 · 2 comments
Labels
bug 🪲 Something isn't working

SundarMunichamy commented Jun 19, 2024

**ASO V2 2.7.0**

Describe the bug
ApplicationGateway CRD's sslCertificates is not picked from kubernetes Secret.

I am creating an application gateway via the ASO V2 operator and trying to attach the Kubernetes secret containing the SSL certificates in pfx format. The certificate is password protected.

Piece of code:

```yaml
sslCertificates:
  - name: my-pfx-secret
    data:
      name: my-pfx-secret
      key: cert.pfx
    password:
      key: password
      name: my-pfx-secret-pwd
```

appgw.txt

(Attached the application gateway Custom resource yaml file)

To Reproduce
Steps to reproduce the behavior:

  1. Create the application gateway via the ASO v2
  2. Create the k8s secret in the same namespace with the SSL certificate in pfx format.
  3. Create another k8s secret or same secret with password details and point in the custom resource.

Expected behavior
SSL certificate should be attached to application gateway in the pfx format


@matthchr
Member

Can you share what error you're hitting?

I think you also asked about this on Slack and I shared this there:

How are you creating the Kubernetes secret w/ the base64'ed pfx data? using data or stringData section of Kubernetes Secret?
The documentation says the certificate needs to be base64 encoded, I think this means you need to put base64 data into stringData. If you're instead filling out data I actually think it needs to be base64 encoded twice (because it'll be decoded once when read from the k8s secret and then supplied to Azure w/ the resulting value of that b64-decode)

What does "not picked up" mean - as on Slack it seemed like it was picked up but was mis-formatted (possibly due to the above?)

@matthchr matthchr added the waiting-on-user-response Waiting on more information from the original user before progressing. label Jun 24, 2024
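
The encoding layers discussed in the comment above, as an added example (not code from ASO or from this thread). It assumes, as that comment suggests, that the value read from the Secret is passed on unchanged and must be base64 text of the PFX; `PFX` is constructed placeholder bytes and the helper names are hypothetical.

```python
import base64

# Constructed placeholder bytes standing in for a real cert.pfx (not a valid PKCS#12 file).
PFX = b"\x30\x82\x0a\x01constructed-sample-not-a-real-pfx"

def b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")

def make_secret(field: str, value: str, name="my-pfx-secret", key="cert.pfx") -> dict:
    """Build a Secret manifest with `value` placed under `data` or `stringData`."""
    if field not in ("data", "stringData"):
        raise ValueError("field must be 'data' or 'stringData'")
    return {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
            "metadata": {"name": name}, field: {key: value}}

def stored_bytes(secret: dict, key="cert.pfx") -> bytes:
    """Bytes a client gets back for `key` once the Secret is stored.

    Kubernetes base64-decodes `data` values; `stringData` values are stored as written.
    """
    if key in secret.get("stringData", {}):
        return secret["stringData"][key].encode("utf-8")
    return base64.b64decode(secret["data"][key], validate=True)

def classify(stored: bytes, pfx: bytes = PFX) -> str:
    """Say whether the stored value is base64 text of the PFX or the raw binary."""
    if stored == pfx:
        return "raw-pfx"
    try:
        if base64.b64decode(stored, validate=True) == pfx:
            return "base64-pfx"
    except ValueError:  # binascii.Error is a ValueError subclass
        pass
    return "other"

def demo() -> dict:
    """Classify what each way of writing the Secret leaves in the stored value."""
    variants = {
        "stringData, base64 once": make_secret("stringData", b64(PFX)),
        "data, base64 twice": make_secret("data", b64(b64(PFX).encode("ascii"))),
        "data, base64 once": make_secret("data", b64(PFX)),
    }
    return {label: classify(stored_bytes(s)) for label, s in variants.items()}

if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:26} -> {result}")
```

Only the first two variants leave base64 text in the stored value; a single base64 layer under `data` is consumed when the Secret is read, so the consumer sees the raw PFX binary.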
Member

matthchr commented Jul 15, 2024

Closing this because there was no response. Please reply or reopen here if you have further questions.

@matthchr matthchr removed the waiting-on-user-response Waiting on more information from the original user before progressing. label Jul 15, 2024