[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How to use extra trusted CA certs when pulling images for a builder



I've now discovered that the cluster-samples-operator doesn't seem honour the proxy settings, and I see lots of errors in the cluster-samples-operator-xxxx pod logs

time="2019-11-12T04:15:49Z" level=warning msg="Image import for imagestream dotnet tag 2.1 generation 2 failed with detailed message Internal error occurred: Get https://registry.redhat.io/v2/: x509: certificate signed by unknown authority"

Is there a way to get that operator to use the same user-ca-bundle?

On Tue, 12 Nov 2019 at 14:46, Joel Pearson <japearson agiledigital com au> wrote:


On Tue, 12 Nov 2019 at 06:56, Ben Parees <bparees redhat com> wrote:
 

Can I use the “trustedCA” part of the proxy configuration without actually specifying an explicit proxy?

you should be able to.  Daneyon can you confirm?  (if you can't i'd consider it a bug).

It does work! Thanks for that. user-ca-bundle already existed and had my certificate in there, I just needed to reference user-ca-bundle in the proxy config.

apiVersion: config.openshift.io/v1
kind: Proxy
metadata:
  name: cluster
spec:
  trustedCA:
    name: user-ca-bundle



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]