Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Certificate not synced when using Private CA #735

Closed
RafalMaleska opened this issue Jun 21, 2021 · 1 comment · Fixed by #746
Closed

Certificate not synced when using Private CA #735

RafalMaleska opened this issue Jun 21, 2021 · 1 comment · Fixed by #746
Labels
bug Something isn't working

Comments

@RafalMaleska
Copy link

RafalMaleska commented Jun 21, 2021
edited

What happened?

When creating certificate which is referencing a private CA, the managed resource is SYNCED=false.
The reason is: "failed to update the Certificate resource: InvalidStateException: The UpdateCertificateOptions command is not permitted for private certificates."

How can we reproduce it?

Create certificate which is referencing a private CA with crossplane/provider aws

apiVersion: acm.aws.crossplane.io/v1alpha1
kind: Certificate
metadata:
  name: poc-certificate
spec:
  forProvider:
    region: eu-central-1 
    renewCertificate: true
    certificateAuthorityARN: arn:aws:acm-pca:eu-central-1:123456789:certificate-authority/xxxx-yyyy-zzzz
    domainName: "*.mesh-pca.svc.cluster.local"
    certificateTransparencyLoggingPreference: DISABLED
  providerConfigRef:
    name: dev-123456789

What environment did it happen in?

Crossplane version: v1.1.0
Provider AWS: v0.19.0
@RafalMaleska RafalMaleska added the bug Something isn't working label Jun 21, 2021
haarchri added a commit to haarchri/provider-aws that referenced this issue Jun 26, 2021
@haarchri
fix(acm): crossplane-contrib#735 fixed synced false for private ca
74b73a1 
Signed-off-by: Christopher Haar <chhaar30@googlemail.com>
@haarchri haarchri mentioned this issue Jun 26, 2021
Merged
2 tasks
@haarchri
Copy link
Member

hi @RafalMaleska
i added a MR and used the following configuration:

apiVersion: acm.aws.crossplane.io/v1alpha1
kind: Certificate
metadata:
  name: poc-certificate
spec:
  forProvider:
    region: eu-central-1 
    certificateAuthorityARN: arn:aws:acm-pca:eu-central-1:255932642927:certificate-authority/e6a6ac34-056a-49b3-802c-3b446580d9a4
    domainName: "*.mesh-pca.svc.cluster.local"
    certificateTransparencyLoggingPreference: DISABLED
    tags:
    - key: Name
      value: example
  providerConfigRef:
    name: default

NAME                                                DOMAINNAME                     STATUS   READY   SYNCED   AGE
certificate.acm.aws.crossplane.io/poc-certificate   *.mesh-pca.svc.cluster.local   ISSUED   True    True     3m19s

image

hasheddan added a commit that referenced this issue Jun 26, 2021
@hasheddan
Merge pull request #746 from haarchri/acm
0d44ab4 
Fixes #735 acm - fixed synced false when using private ca
negz pushed a commit to negz/provider-aws that referenced this issue Nov 11, 2021
@haarchri @negz
fix(acm): crossplane-contrib#735 fixed synced false for private ca
104254c 
Signed-off-by: Christopher Haar <chhaar30@googlemail.com>
tektondeploy pushed a commit to gtn3010/provider-aws that referenced this issue Mar 12, 2024
@sergenyalcin
Merge pull request crossplane-contrib#735 from sergenyalcin/aws-not-t…
64ea435 
…ested-4

Add some (58) AWS configurations without testing - V
tektondeploy pushed a commit to gtn3010/provider-aws that referenced this issue Mar 12, 2024
@ytsarev
Merge pull request crossplane-contrib#735 from haarchri/feature/dms-e…
e5eefb1 
…ndpoint-iam-role-ref

feat(dms): endpoint: service_access_role ref/selector
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #735 acm - fixed synced false when using private ca haarchri/provider-aws
2 participants
@RafalMaleska @haarchri