You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@openwhisk.apache.org by GitBox <gi...@apache.org> on 2021/11/11 20:10:13 UTC
[GitHub] [openwhisk-deploy-kube] paul42 commented on issue #711: What is correct way to use self-signed certs in ow install?
paul42 commented on issue #711:
URL: https://github.com/apache/openwhisk-deploy-kube/issues/711#issuecomment-966591560
I'm doing more testing, but @style95 was able to help me in the openwhisk slack -
essentially you have to pass your `Chained Cert` which is the leaf cert and all the previous certs leading back to the CA to nginx
```
whisk:
auth:
guest: newlyGeneratedetc:etc
system: newlyGeneratedetc:etc
ingress:
apiHostName: <Domain with cert>
apiHostPort: 443
apiHostProto: https
type: Standard
domain: <Domain with cert>
annotations:
kubernetes.io/ingress.class: nginx
tls:
secretname: ow-tls
create: false
enabled: true
invoker:
kubernetes:
replicaCount: 2
containerFactory:
impl: "kubernetes"
k8s:
persistence:
enabled: true
hasDefaultStorageClass: false
explicitStorageClass: openebs-hostpath
nginx:
httpsNodePort: 31002
certificate:
external: true
cert_file: ".crt that is same as domain and contains certs leading back to CA"
key_file: ".key that is same as domain"
```
I'm still testing to see what the right helm values are, but I'm able to do a `wsk action list` without the cert warning
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@openwhisk.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org