Skip to content

Need TLS certs re-created in test account. #8552

New issue
New issue
Open
Open
Need TLS certs re-created in test account.#8552
Labels
area/infra/awsIssues or PRs related to Kubernetes AWS infrastructurekind/bugCategorizes issue or PR as related to a bug.priority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.sig/k8s-infraCategorizes an issue or PR as relevant to SIG K8s Infra.
Milestone
v1.35
@zac-nixon

Description

@zac-nixon
zac-nixon
opened on Sep 24, 2025

Previous issue: #7328

We maintain the Kubernetes project LoadBalancer controller - https://github.com/kubernetes-sigs/aws-load-balancer-controller. We utilize some certs imported into ACM into 209411653980 to run E2E tests on each code check in. These certs have now expired and need to be regenerated, using these steps:
kubernetes-sigs/aws-load-balancer-controller#3391 (comment)

Instead of using 365 days expiry, could the expiry be changed to 3650 so we don't have to do this so often. Thank you!

This is the exact command:
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=US/ST=CA/L=San Francisco/O=MyOrg/OU=IT/CN=example.com" -addext "subjectAltName = DNS:*.elb.us-west-2.amazonaws.com"

Needs to be done 3 times and each cert / key should be uploaded to AWS ACM in account 209411653980, region = us-west-2. From there, we should just need the new ACM ARNs to update our test suite.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/infra/awsIssues or PRs related to Kubernetes AWS infrastructurekind/bugCategorizes issue or PR as related to a bug.priority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.sig/k8s-infraCategorizes an issue or PR as relevant to SIG K8s Infra.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions