Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable use of system CA store for Conjur's SSL certificate verification #172

Open
1 of 3 tasks
sgnn7 opened this issue Sep 29, 2020 · 0 comments
Open
1 of 3 tasks

Enable use of system CA store for Conjur's SSL certificate verification #172

sgnn7 opened this issue Sep 29, 2020 · 0 comments
Labels
component/k8s kind/bug

Comments

@sgnn7
Copy link
Contributor

sgnn7 commented Sep 29, 2020

Summary

Currently, we strongly enforce that the user provides Conjur certificate via CONJUR_SSL_CERTIFICATE or CONJUR_CERT_FILE. This does not support a valid use case where the cert is installed on the system itself and the system CA store can be used.

Steps to Reproduce

Steps to reproduce the behavior:

  1. Don't set CONJUR_SSL_CERTIFICATE or CONJUR_CERT_FILE
  2. Run the authenticator

Expected Results

System CA store is used

Actual Results (including error logs, if applicable)

Error exit

Reproducible

  • Always
  • Sometimes
  • Non-Reproducible

Version/Tag number

Latest (0.18.1)

Environment setup

Any

Additional Information

Note: This use case may not be very common due to the fact that usual deployment is with a bare container containing just the binary but it's a valid one
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/k8s kind/bug
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sgnn7