Unused certificate for root domain? #754
Labels
enhancement
New feature or request
Comments
|
This should only be necessary if one chooses to go with a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Cognito and load balancer guides require user to create a wild card certificate for both the root domain(
*.example.com) and the subdomain(*.platform.example.com). The root domain cert is not attached to any resource and is unused after deployment.Upon investigation, I found that if the URL client accesses is
kubeflow.platform.example.com, the presented certificate must include a SAN covering eitherkubeflow.platform.example.comOR*.platform.example.com, it does not need anything at the parent domain. In fact, wildcards should also not be needed.Describe the solution you'd like
Need to investigate if there is reason for a client need to make a connection to
platform.example.comand if there isnt, remove the need for root domain certificate from deployment process.Only place
platform.example.comis used is for A record pointing to ALB which is not usable.The text was updated successfully, but these errors were encountered: