https://rancher.com/ logo
#k3s
Title
# k3s
a

adamant-kite-43734

03/29/2023, 10:21 AM
This message was deleted.
b

breezy-autumn-81048

03/29/2023, 11:33 AM
I have verified that it's enough to add root CA to the pod so it could access GHES by creating the certificate file in the pods directory /etc/ssl/certs and then I added it to the curl command:
Copy code
curl -v <https://github.myexample.com> --cacert /etc/ssl/certs/rootCA.crt
Would be good to understand where that root CA should be added in K3S so pods could use it.
r

refined-analyst-8898

03/29/2023, 12:29 PM
You might use trust-manager to distribute CAs to namespaces after creating a k8s secret or configmap containing the trusted CA certificate.
That would compose a CA bundle as yet another configmap which may then be mounted on any container for use by an application.
b

breezy-autumn-81048

03/31/2023, 2:32 PM
Hi, Thank you for your reply! I created a configMap and then attacked it directly in the deployment. That helped to solve an issue.
154 Views