Use ECDSA P-256 private keys for cert-manager certificates#1973
Conversation
Switch all cert-manager Certificate resources from the default RSA algorithm to ECDSA P-256. This applies to webhook serving certs, metrics server certs, and all operator bindata certificates. The sync-bindata.sh script is updated accordingly. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Francesco Pantano <fpantano@redhat.com>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: fmount The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
OpenStackControlPlane CRD Size Report
Threshold reference
|
|
Build failed (check pipeline). Post ❌ openstack-k8s-operators-content-provider FAILURE in 4m 01s |
|
@fmount: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Switch all
cert-managerCertificateresources from the defaultRSAalgorithm toECDSAP-256. This applies towebhookserving certs,metricsserver certs, and all operatorbindatacertificates. Thesync-bindata.shscript is updated accordingly (and it properly regenerates all the services files).Jira: https://redhat.atlassian.net/browse/OSPRH-27314