Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix ECDSA certificate issuance with ACME issuer #1757

Merged
merged 2 commits into from
Jun 7, 2019
Merged

Fix ECDSA certificate issuance with ACME issuer #1757

merged 2 commits into from
Jun 7, 2019

Conversation

munnerz
Copy link
Member

@munnerz munnerz commented Jun 6, 2019

What this PR does / why we need it:

We previously always generated a 2048 bit RSA private key in the ACME issuer even if an ECDSA key was requested. This also meant we'd have an RSA private key with an ECDSA certificate in issued certificates.

Which issue this PR fixes: fixes #1741

Release note:

Fix bug causing ECDSA certificates to be issued using 2048-bit RSA private keys

/milestone v0.8

@munnerz
Fix ECDSA certificate issuance with ACME issuer
e75bd2f 
Signed-off-by: James Munnelly <james@munnelly.eu>
@jetstack-bot jetstack-bot added release-note Denotes a PR that will be considered when it comes time to generate release notes. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. labels Jun 6, 2019
@jetstack-bot jetstack-bot added this to the v0.8 milestone Jun 6, 2019
@jetstack-bot jetstack-bot added area/acme Indicates a PR directly modifies the ACME Issuer code area/testing Issues relating to testing labels Jun 6, 2019
@jetstack-bot jetstack-bot requested a review from kragniz June 6, 2019 16:06
@jetstack-bot jetstack-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Jun 6, 2019
@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: munnerz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 6, 2019
@munnerz munnerz mentioned this pull request Jun 6, 2019
Closed
kragniz
kragniz reviewed Jun 6, 2019
View reviewed changes
Copy link
Contributor

@kragniz kragniz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Jun 6, 2019
@munnerz
Copy link
Member Author

munnerz commented Jun 6, 2019

/retest

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

13 similar comments
@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@retest-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to jetstack).
Review the full test history for this PR.
Silence the bot with an /lgtm cancel comment for consistent failures.

@munnerz
Copy link
Member Author

munnerz commented Jun 7, 2019

/lgtm cancel

@jetstack-bot jetstack-bot removed the lgtm Indicates that a PR is ready to be merged. label Jun 7, 2019
@munnerz
Override namespace when creating Certificate
fd40b6b 
Signed-off-by: James Munnelly <james@munnelly.eu>
@munnerz munnerz added the lgtm Indicates that a PR is ready to be merged. label Jun 7, 2019
@munnerz
Copy link
Member Author

munnerz commented Jun 7, 2019

/retest

@jetstack-bot jetstack-bot merged commit 9c6d81a into cert-manager:master Jun 7, 2019
@munnerz munnerz deleted the fix-acme-ecdsa branch June 7, 2019 14:03
@munnerz
Copy link
Member Author

munnerz commented Jun 11, 2019

/cherrypick release-0.8

@jetstack-bot jetstack-bot mentioned this pull request Jun 11, 2019
Merged
@jetstack-bot
Copy link
Contributor

@munnerz: new pull request created: #1772

In response to this:

/cherrypick release-0.8

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kragniz kragniz kragniz left review comments

Assignees

@kragniz kragniz

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/acme Indicates a PR directly modifies the ACME Issuer code area/testing Issues relating to testing dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v0.8
Development

Successfully merging this pull request may close these issues.

Temporary certificate wrong algorithm
4 participants
@munnerz @jetstack-bot @retest-bot @kragniz