New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add parameter for trusted CA in backup configuration in UI #704
Comments
We also need to add document to https://github.com/longhorn/website for this new feature. |
We use the custom CA by default in our testing for now. No further end-to-end automation needed for now. longhorn/longhorn-tests@025b195 |
Steps to test:
|
The minio AWS_CERT_KEY (private key) is only necessary for our test-minio, it's up to the user to deploy their own ssl secured minio backupstore. We currently do not provide any guidance on how to do so, we only provide instructions for the client side (longhorn) setup (AWS_CERT) |
Validation PASSED Additional tests:
|
Longhorn will not accept a Minio endpoint wrapped in TLS from an unknown CA. After a long conversation in Slack, we all agreed that rather than accept any CA, it would be a fair compromise to specify a CA to trust for the backup endpoint. That CA can be an internal CA or a self-signed certificate that's sitting in front of Minio.
The text was updated successfully, but these errors were encountered: