Hi @jasonrojas / @Eugene7
Apologies for the late response.
I tried using full path, as wel as supplying the CA cert. unfortunately, I am still getting the same error.
Furthermore, I tried
- Upgrading to OpenSearch 2.13.0,
- Concatenating intermediate certificate to the CA cert and keeping only node cert to pem_file: Opensearch security plugin with certificate chain - #2 by pablo
- Using self-signed certificates
- Importing the Root CA certificate to Java truststore with keytool inside of the pod
- Using ISRG Root X1 and Amazon Root CA 1.
What’s odd is that if I use the same configuration and same certificates to spin up a new OpenSearchCluster, it works. However, when updating the certificate, I get this error.
I would have tried to use the PKCS#12/JKS instead of PKCS#8, but the secrets issued by cert manager do not include a truststore.