Uploaded image for project: 'Docs for Red Hat Developers'
  1. Docs for Red Hat Developers
  2. RHDEVDOCS-2841

How are TLS certificates propagated? #19318

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Won't Do
    • Icon: Critical Critical
    • None
    • Che 7.27
    • Eclipse Che
    • devex docs #199 Mar 25-Apr 15, devex docs #200 Apr 15-May 6, devex docs #201 May 6-May 27, devex docs #202 May 27-Jun 17
    • 8
    • Undefined

      https://github.com/eclipse/che/issues/19318

      Summary

      This is actually a clarification that replaces this issue. It may end up or not in a doc article.

      Relevant information

      In this doc article it's explained how to import custom TLS certificates in Che so that those are trusted: an admin needs to create configmaps from the CA public certs files and add the following labels:

      • app.kubernetes.io/part-of=che.eclipse.org
      • app.kubernetes.io/component=ca-bundle

      but then it's not clear how Che propagates the certificates in the workspace pod.

      1. In what folder of the workspace containers are those certificates mounted?
      2. How do we specify TLS key and certificate to be used by Che ingress/routes (and to be trusted too)?
      3. How a che-theia plugin or a che editor can trust those certs?
      4. What's the self-signed-cert secret for?

              Unassigned Unassigned
              ffloreth@redhat.com Fabrice Flore-Thébault
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: