-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use different secrets for TLS and self-signed-cert #14176
Use different secrets for TLS and self-signed-cert #14176
Conversation
E2E Happy path tests of Eclipse Che Single User on K8S (minikube v1.1.1) has failed:
|
@sleshchenko: PR check has been failed because it uses Jenkinsfile now, which has been merged in master tonight. So, it requires to take changes from master. |
Signed-off-by: Sergii Leshchenko <sleshche@redhat.com>
3025112
to
7c7128a
Compare
@dmytro-ndp Thanks for notifying me, rebased against master. |
E2E Happy path tests of Eclipse Che Single User on K8S (minikube v1.1.1) has failed:
|
removing |
What does this PR do?
It's like a best practice to generate CA certificate, propagate it to clients to configure their trust stores.
And generate another non-CA certificate based on CA for establishing https connection.
See https://wiki.mozilla.org/SecurityEngineering/x509Certs
https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309
So, this PR adds an ability to configure TLS cert for ingresses and CA cert for trust stores separately.
What issues does this PR fix or reference?
#14035
Release Notes
N/A
Docs PR
N/A