Read self-signed certiicate from dedicated secret (to be consistent w…

…ith operator installer) (#17044) Signed-off-by: Mykola Morhun <mmorhun@redhat.com>
eclipse-che · Jun 16, 2020 · 6ae2c66 · 6ae2c66
1 parent a901e3a
commit 6ae2c66
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/deploy/kubernetes/helm/che/templates/deployment.yaml b/deploy/kubernetes/helm/che/templates/deployment.yaml
@@ -100,7 +100,7 @@ spec:
           valueFrom:
             secretKeyRef:
               key: ca.crt
-              name: {{ .Values.global.tls.secretName }}
+              name: {{ .Values.global.tls.selfSignedCertSecretName }}
               optional: false
         {{- end }}
 

diff --git a/deploy/kubernetes/helm/che/values.yaml b/deploy/kubernetes/helm/che/values.yaml
@@ -46,8 +46,9 @@ global:
     secretName: che-tls
 
     ## If self-signed certificate flag is enabled
-    ## then CA certificate from `tls.secretName` will be propagated to Che components' trust stores
-    useSelfSignedCerts: false
+    ## then CA certificate from `tls.selfSignedCertSecretName` will be propagated to Che components' trust stores
+    useSelfSignedCerts: true
+    selfSignedCertSecretName: self-signed-certificate
 
     ## Name of the config-map with public certificates to add to Java trust store of the Che server.
     serverTrustStoreConfigMapName: ""