Openshift redeploy certificates playbooks fail when expiration date is less than 365 days
Issue
All Openshift redeploy certificates playbooks fails constantly when expiration date of the current certificates is equal or less than a number of days (usually 365 days), preventing the certificates dates to be extended.
2019-03-11 15:28:07,290 p=27462 u=root | TASK [openshift_certificate_expiry : Fail when certs are near or already expired] *********************************************************************
********************************************
2019-03-11 15:28:07,313 p=27462 u=root | task path: /usr/share/ansible/openshift-ansible/roles/openshift_certificate_expiry/tasks/main.yml:39
2019-03-11 15:28:07,313 p=27462 u=root | Monday 11 March 2019 15:28:07 +0100 (0:00:04.732) 0:02:34.544 **********
2019-03-11 15:28:07,792 p=27462 u=root | fatal: [master1.example.com]: FAILED! => {
"changed": false,
"msg": "Cluster certificates found to be expired or within 365 days of expiring. You may view the report at /root/cert-expiry-report.20190311T150314.html or /root/cert-expiry-report.2019031
1T150314.json.\n"
}
2019-03-11 15:28:07,957 p=27462 u=root | fatal: [master2.example.com]: FAILED! => {
"changed": false,
"msg": "Cluster certificates found to be expired or within 365 days of expiring. You may view the report at /root/cert-expiry-report.20190311T150314.html or /root/cert-expiry-report.2019031
1T150314.json.\n"
}
2019-03-11 15:28:08,610 p=27462 u=root | fatal: [master3.example.com]: FAILED! => {
"changed": false,
"msg": "Cluster certificates found to be expired or within 365 days of expiring. You may view the report at /root/cert-expiry-report.20190311T150314.html or /root/cert-expiry-report.2019031
1T150314.json.\n"
}
Environment
Openshift Container Platform 3.11
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
