Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v15] Correctly reissue certificates for leaf resources in tsh proxy kube #41158

Merged
merged 1 commit into from
May 2, 2024
Merged

[v15] Correctly reissue certificates for leaf resources in tsh proxy kube #41158

merged 1 commit into from
May 2, 2024

Conversation

rosstimothy
Copy link
Contributor

Backport #41046 to branch/v15

changelog: Fix a bug that was preventing tsh proxy kube certificate renewal from working when accessing a leaf kubernetes cluster via the root.

@rosstimothy
Correctly reissue certificates for leaf resources in tsh proxy kube
3f10dba 
When renewing certificates the RouteToCluster was always being set
to the root cluster instead of the leaf cluster. This causes issues
with per session mfa because the root cluster can't find the target
kubernetes cluster which causes the renewal process to fail. Now
during renewal the RouteToCluster is copied from the active user
certificate if it existed.

Closes #41022.
@rosstimothy rosstimothy marked this pull request as ready for review May 2, 2024 17:04
@public-teleport-github-review-bot public-teleport-github-review-bot bot removed the request for review from Joerger May 2, 2024 18:10
@rosstimothy rosstimothy added this pull request to the merge queue May 2, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks May 2, 2024
@rosstimothy rosstimothy added this pull request to the merge queue May 2, 2024
Merged via the queue into branch/v15 with commit d9d2536 May 2, 2024
37 checks passed
@rosstimothy rosstimothy deleted the bot/backport-41046-branch/v15 branch May 2, 2024 20:22
@josh-ferrell josh-ferrell mentioned this pull request May 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@strideynet strideynet strideynet approved these changes

@capnspacehook capnspacehook capnspacehook approved these changes

Assignees
No one assigned
Labels
backport size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rosstimothy @strideynet @capnspacehook