OIDC Connector Trusted Root CAs #2497
Unanswered
cisco-abrandel
asked this question in
Q&A
Replies: 2 comments
-
|
I see a similar question #2472, but the reply there seems to erroneously indicate you can use the rootCA option with the OIDC connector. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Disregard - we were stomping on /etc/ssl/certs as part of our k8s deployment and volume mounts, once we fixed that user error the publicly trusted CAs worked as expected. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I've read the docs https://dexidp.io/docs/connectors/oidc/ and had a quick look at the source code, but I fail to see where to add trusted root certificates to dex for use by the OIDC connector.
Even though there is a publicly trusted certificate on my IDP discovery URL, I still get an error of
x509: certificate signed by unknown authority. This leads me to believe that I need to explicitly add trust for some root certificate, but I fail to see where to do this using the OIDC connector. Other connectors appear to take a rootCA param, but OIDC does not that I can see.Beta Was this translation helpful? Give feedback.
All reactions