You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We request the ability to modify the CA certificate's Duration and ExpiryWindow in the Helm chart, similar to how we can modify these values for node and client certificates.
Why this feature is needed
The default duration is 90 days. When the node certificates have a duration exceeding 90 days, the nodes fail to authenticate because the CA certificate used to create them must remain valid for the node certificate to be valid. Therefore, it is essential to have a CA certificate duration longer than the node certificate duration. Since the default value for node certificate duration is 8760h, they become invalid before getting expire. This feature is necessary to ensure seamless authentication without any manual intervention.
The text was updated successfully, but these errors were encountered:
Request
We request the ability to modify the CA certificate's Duration and ExpiryWindow in the Helm chart, similar to how we can modify these values for node and client certificates.
Why this feature is needed
The default duration is 90 days. When the node certificates have a duration exceeding 90 days, the nodes fail to authenticate because the CA certificate used to create them must remain valid for the node certificate to be valid. Therefore, it is essential to have a CA certificate duration longer than the node certificate duration. Since the default value for node certificate duration is 8760h, they become invalid before getting expire. This feature is necessary to ensure seamless authentication without any manual intervention.
The text was updated successfully, but these errors were encountered: