Merge branch 'ancient-security-config-ssl_verify'

ManageIQ · Mar 23, 2022 · 5086eb8 · 5086eb8
2 parents e05c715 + f61a4e1
commit 5086eb8
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/lib/kubeclient/config.rb b/lib/kubeclient/config.rb
@@ -57,13 +57,16 @@ def context(context_name = nil)
 
       ssl_options = {}
 
+      ssl_options[:verify_ssl] = if cluster['insecure-skip-tls-verify'] == true
+                                   OpenSSL::SSL::VERIFY_NONE
+                                 else
+                                   OpenSSL::SSL::VERIFY_PEER
+                                 end
+
       if cluster_ca_data?(cluster)
         cert_store = OpenSSL::X509::Store.new
         populate_cert_store_from_cluster_ca_data(cluster, cert_store)
-        ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER
         ssl_options[:cert_store] = cert_store
-      else
-        ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_NONE
       end
 
       unless client_cert_data.nil?