Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document External Service certificates #1370

Open
pennytextures opened this issue Jun 21, 2023 · 5 comments
Open

Document External Service certificates #1370

pennytextures opened this issue Jun 21, 2023 · 5 comments
Labels
kind/feature New feature triage/accepted The issue was reviewed and is complete enough to start working on it

Comments

@pennytextures
Copy link

Description

The documentation for External Service configuration is lacking.

How does referencing certs by secret work? Could you give examples? inline works, but referencing a secret does not, does it need the namespace?

It's not clear what format it expects certificates also, I experimentally showed that caCerts takes a list of certs and will verify with whatever works.

It also seems to work with a cert for the client cert, but not a chain, which I had to figure out by trial and error.

It'd also be nice if you could disable hostname validation, but still verify the certificate against a caCert provided.
@pennytextures pennytextures added kind/feature New feature triage/pending This issue will be looked at on the next triage meeting labels Jun 21, 2023
@bartsmykla bartsmykla transferred this issue from kumahq/kuma Jun 21, 2023
@jakubdyszkiewicz jakubdyszkiewicz added triage/accepted The issue was reviewed and is complete enough to start working on it and removed triage/pending This issue will be looked at on the next triage meeting labels Jun 26, 2023
@jakubdyszkiewicz jakubdyszkiewicz mentioned this issue Jun 26, 2023
Closed
@jakubdyszkiewicz
Copy link
Contributor

Triage: we should provide more examples. We should also leave the link to page about Kuma Secrets and what is the expected format.

It'd also be nice if you could disable hostname validation, but still verify the certificate against a caCert provided

kumahq/kuma#7121

@github-actions github-actions bot added the triage/stale Inactive for some time. It will be triaged again label Sep 25, 2023
@github-actions
Copy link
Contributor

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed.
If you think this issue is still relevant, please comment on it or attend the next triage meeting.

@michaelbeaumont michaelbeaumont removed the triage/stale Inactive for some time. It will be triaged again label Oct 4, 2023
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 3, 2024

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed.
If you think this issue is still relevant, please comment on it or attend the next triage meeting.

@github-actions github-actions bot added the triage/stale Inactive for some time. It will be triaged again label Jan 3, 2024
@jakubdyszkiewicz jakubdyszkiewicz removed the triage/stale Inactive for some time. It will be triaged again label Jan 8, 2024
@github-actions github-actions bot added the triage/stale Inactive for some time. It will be triaged again label Apr 8, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Apr 8, 2024

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed.
If you think this issue is still relevant, please comment on it or attend the next triage meeting.

@lukidzi lukidzi removed the triage/stale Inactive for some time. It will be triaged again label Apr 8, 2024
@github-actions github-actions bot added the triage/stale Inactive for some time. It will be triaged again label Jul 8, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 8, 2024

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed.
If you think this issue is still relevant, please comment on it or attend the next triage meeting.

@jakubdyszkiewicz jakubdyszkiewicz removed the triage/stale Inactive for some time. It will be triaged again label Jul 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature New feature triage/accepted The issue was reviewed and is complete enough to start working on it
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@michaelbeaumont @jakubdyszkiewicz @lukidzi @pennytextures