spec.commonName: Too long: must have at most 64 bytes

[teplydat]

I got the error message: "error":"could not create user certificate: admission webhook \"webhook.cert-manager.io\" denied the request: spec.commonName: Too long: must have at most 64 bytes"

I think you are aware of this possible problem (mentioned in https://github.com/Orange-OpenSource/nifikop/issues/21). I think its not a good idea to allow more than 64 bytes for the CN or DNS because of RFC standards.

If I have a look on the CN: "nifi-0-node.nifi-headless.name-space-longername.svc.cluster.local" (65 bytes) I can separate it in the following pieces:

nifi (name already quite short)
-0-node (to have a unique name for the nifi nodes)
nifi-headless (quite long)
namespace-longer-name (=namespace)
.svc.cluster.local (k8s specific. probably not changable)

What is your plan about that topic? Can we shorten something?