Kubernetes Ingress TLS sets certificate only (not full chain)

Chris03 · August 4, 2020, 3:57pm

Hi ! I have a valid certificate & chain in Octopus’s Certificate store.

I’m deploying a kubernetes container and the “Ingress TLS” step uses the cert. via variable:

However, after the deploy, only the certificate is sent to Kubernetes, it’s missing the chain certificate:

Any suggestions on how to get the full certificate chain to kubernetes ?

The tls.crt should look like this:

-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
-----BEGIN INTERMEDIATE CERTIFICATE-----
...
-----END INTERMEDIATE CERTIFICATE-----

My server’s version: 2020.2.16

Justin_Walsh · August 4, 2020, 4:12pm

Hi @Chris03!

Thanks for reaching out - we’ve recently identified this issue in Octopus, and pushed a fix for it. Sadly, it won’t be out until 2020.4, but if you take a look at the Issue, you should be able to use the workaround listed for now.

I hope this helps!

Chris03 · August 4, 2020, 4:28pm

Good to know, didn’t see that issue.
I’ll setup the workaround until the update.

Thanks a lot.

system · September 4, 2020, 4:28pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.