Azure/azure-service-operator

Bug: ApplicationGateway CRD's sslCertificates is not picked from kubernetes Secret

Closed this issue · 2 comments

**ASO V2 2.7.0 **

Describe the bug
ApplicationGateway CRD's sslCertificates is not picked from kubernetes Secret.

I am creating application gateway via ASO V2 operator and trying to attach the kubernetes secret containining the SSL certificates in pfx format. The certificate is password protected.

Piece of code :

  sslCertificates:
    - name: my-pfx-secret
      data:
        name: my-pfx-secret
        key: cert.pfx
      password:
        key: password
        name: my-pfx-secret-pwd

appgw.txt

( Attached the application gateway Custom resource yaml file )

To Reproduce
Steps to reproduce the behavior:

  1. Create the application gateway via the ASO v2
  2. Create the k8s secret in the same namespace with ssl certificate as pfx format .
  3. Create another k8s secret or same secret with password details and point in the custom resource.

Expected behavior
SSL certificate should be attached to application gateway in the pfx format

Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.

Can you share what error you're hitting?

I think you also asked about this on Slack and I shared this there:

How are you creating the Kuberentes secret w/ the base64'ed pfx data? using data or stringData section of Kubernetes Secret?
The documentation says the certificate needs to be base64 encoded, I think this means you need to put base64 data into stringData. If you're instead filling out data I actually think it needs to be base64 encoded twice (because it'll be decoded once when read from the k8s secret and then supplied to Azure w/ the resulting value of that b64-decode)

What does "not picked up" mean - as on Slack it seemed like it was picked up but was mis-formatted (possibly due to the above?)

Closing this because there was no response. Please reply or reopen here if you have further questions.