-
Notifications
You must be signed in to change notification settings - Fork 139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
krr cannot connect to clusters using certificates signed by a private CA, stored in system CA store #160
Comments
Hey, this sounds like a bug. Any interest in contributing a PR for this? |
I had the same issue. Installing module pip_system_certs solved it. |
I spent quite a lot of time, tried importing certificates into macos keychain and so on but it didn't work. |
Yes, we should be able to add something like that. Slightly off-topic, but we're currently doing user interviews to prioritize issues for KRR next year. If any of you are open to participating, can you please message me (Natan Yellin) on the Robusta slack. We'll send every participant a "Chief YAML Officer T-shirt" in appreciation. |
Just add insecure-skip-tls-verify: true inside cluster item in your kubeconfig file.
|
For me this does not seem to work for kubernetes calls, because the kubernetes lib uses urllib3 directly and not requests which is patched by the module pip_system_certs. But the insecure-skip-tls-verify: true in the kube config file definitely works. |
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Expected behavior
krr
should be able to connect to the cluster, just as kubectl is able to.Logs
Desktop (please complete the following information):
Additional context
Even providing an "insecure" option would be helpful. Right now I need to run a local proxy that
krr
can connect to, which is a pain.The text was updated successfully, but these errors were encountered: