From 5d16e6b2b947255e7de0c8d2c907d6c5b8c7a836 Mon Sep 17 00:00:00 2001 From: Cody Hoag Date: Fri, 8 Oct 2021 13:17:39 -0400 Subject: [PATCH] Known issue for ASH internal CAs --- release_notes/ocp-4-9-release-notes.adoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/release_notes/ocp-4-9-release-notes.adoc b/release_notes/ocp-4-9-release-notes.adoc index aef29c9ba9..bab758d9de 100644 --- a/release_notes/ocp-4-9-release-notes.adoc +++ b/release_notes/ocp-4-9-release-notes.adoc @@ -1714,6 +1714,8 @@ This script removes unauthenticated subjects from the following cluster role bin * The SR-IOV network configuration daemon pod will cordon the node and mark it as unschedulable. It will use the add or delete `SriovNetworkNodePolicy` custom resource (CR) before waiting for the `syncStatus` of the CR to change to `Succeeded`. As a temporary workaround, before adding or deleting a `SriovNetworkNodePolicy` CR, make sure the `syncStatus` of the `SriovNetworkNodeState` CRs is in the `Succeeded` state. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2002508[*BZ#2002508*]) +* You can only install {product-title} on Azure Stack Hub with public endpoints, such as the ARM endpoint, that are secured with certificates signed by a publicly trusted certificate authority (CA). Support for internal CAs will be added in a future z-stream release of {product-title}. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2012173[*BZ#2012173*]) + * Cluster administrators can specify a custom HTTP error code response page for either 503, 404, or both error pages. The router does not reload to reflect custom error code pages updates. As a workaround, rsh in the router pods and run `reload-haproxy` in all the router pods that serve the custom http error code pages: + [source,terminal]