This repository has been archived by the owner on Jul 15, 2021. It is now read-only.
Post /dex/token: x509: certificate signed by unknown authority #180
Comments
|
what version of gangway are you using ? #119 mentions that |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello.
I am trying to set up gangway + dex +Active Directory for ldap authentification in kubernetes.
I follow the steps:
What am I doing wrong?
my setup:
kind: Service
apiVersion: v1
metadata:
name: gangwaysvc
namespace: gangway
labels:
app: gangway
spec:
type: ClusterIP
ports:
- name: "http"
protocol: TCP
port: 80
targetPort: "http"
selector:
app: gangway
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: gangway
namespace: gangway
annotations:
#kubernetes.io/tls-acme: "true"
#cert-manager.io/cluster-issuer: "letsencrypt-production"
spec:
tls:
hosts:
rules:
http:
paths:
serviceName: gangwaysvc
servicePort: http
apiVersion: v1
kind: ConfigMap
metadata:
name: gangway
namespace: gangway
data:
gangway.yaml: |
clusterName: "kubernetes"
authorizeURL: "https://dex.os33dev.net/dex/auth" #replace the domain name with your domain
tokenURL: "https://dex.os33dev.net/dex/token" #replace the domain name with your domain
scopes: ["openid", "profile", "email", "offline_access", "groups"]
redirectURL: "https://gangway.os33dev.net/callback" #replace the domain name with your domain
clientID: "gangway"
clientSecret: "Iz2Y51oWZSeF3n5gmeBH9ZHPncJU0JK8v4842o8XQ5s="
usernameClaim: "sub"
emailClaim: "email"
apiServerURL: https://k8sdev.dev3.os33.net:6443 #This should be your k8s API URL example https://name.domain.com:6443
kubernetes is bare metal and created via it's own CA
for dex and gangway i use external cert *os33dev.net:
gangway pod logs:
I also trired to use
trustedCAPath "/etc/gangway/tls/tls.crt" and put certificate chain for *.os33dev.net certificate but no luck
Please help
The text was updated successfully, but these errors were encountered: