Skip to content

Commit

Permalink
Fix JOSE Rotation (#72)
Browse files Browse the repository at this point in the history 
Evidently cert-manager doesn't actually rotate the private key unless
you tell it to, which is kinda annoying as you get the same public key
for subsequent certificates, and the same key ID, which bascially
prevents authentication from ever working!
  • Loading branch information
@spjmurray
spjmurray authored Jun 11, 2024
1 parent fb6a7bb commit b3b3e5a
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions charts/identity/templates/identity/certificate.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ spec:
algorithm: ECDSA
encoding: PKCS8
size: 521
rotationPolicy: Always
commonName : Unikorn Server JOSE Key
secretName: unikorn-identity-jose-tls
# Twice the duration to caterfor overlap, then convert to hours (2 * 24).
Expand Down

0 comments on commit b3b3e5a

Please sign in to comment.