[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How to use extra trusted CA certs when pulling images for a builder





On Mon, Nov 11, 2019 at 10:47 PM Joel Pearson <japearson agiledigital com au> wrote:


On Tue, 12 Nov 2019 at 06:56, Ben Parees <bparees redhat com> wrote:
 

Can I use the “trustedCA” part of the proxy configuration without actually specifying an explicit proxy?

you should be able to.  Daneyon can you confirm?  (if you can't i'd consider it a bug).

It does work! Thanks for that. user-ca-bundle already existed and had my certificate in there, I just needed to reference user-ca-bundle in the proxy config.

cool, given that you supplied the CAs during install, and the user-ca-bundle CM was created, i'm a little surprised the install didn't automatically setup the reference in the proxyconfig resource for you.  I'm guessing it did not because there was no actual proxy hostname configured.  I think that's a gap we should close..would you mind filing a bug?  (bugzilla.redhat.com).  You can submit it against the install component.

 

apiVersion: config.openshift.io/v1
kind: Proxy
metadata:
  name: cluster
spec:
  trustedCA:
    name: user-ca-bundle


--
Ben Parees | OpenShift


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]