admin管理员组

文章数量:1122832

I need to use kubectl behind a HTTP proxy. Kubectl gives an error "certificate signed by unknown authority". This goes away if I do kubectl --insecure-skip-tls-verify but I'd rather install the CA for my proxy in a way that kubectl knows to trust it. Is there an environment variable I can set with a path to my CA that will cause kubectl to trust the CA? I'm looking for the equivalent of CURL_CA_BUNDLE for curl, which works like this:

CURL_CA_BUNDLE=path/to/ca.crt curl

I'm aware that I edit my kubeconfig like this:

- cluster:
    certificate-authority: path/to/ca.crt

but I'm wondering if there is a way to do this with an environment variables.

I need to use kubectl behind a HTTP proxy. Kubectl gives an error "certificate signed by unknown authority". This goes away if I do kubectl --insecure-skip-tls-verify but I'd rather install the CA for my proxy in a way that kubectl knows to trust it. Is there an environment variable I can set with a path to my CA that will cause kubectl to trust the CA? I'm looking for the equivalent of CURL_CA_BUNDLE for curl, which works like this:

CURL_CA_BUNDLE=path/to/ca.crt curl https://example.com

I'm aware that I edit my kubeconfig like this:

- cluster:
    certificate-authority: path/to/ca.crt

but I'm wondering if there is a way to do this with an environment variables.

  • ssl-certificate
  • kubectl
Share Improve this question asked Nov 21, 2024 at 16:12 Alex FlintAlex Flint 6,66611 gold badges48 silver badges86 bronze badges
Add a comment  | 

1 Answer 1

Reset to default 1

Another workaround that might work is to set your SSL_CERT_FILE environment to point the path of your CA certificate. If you are behind an HTTP proxy you'll also likely need to configure the proxy environment variables.

export SSL\_CERT\_FILE=path/to/ca.crt

export HTTP\_PROXY=http://your.proxy.:port

export HTTPS\_PROXY=https://your.proxy.:port

Otherwise, you can just simply edit your config to trust the CA see this Proxy reference.

  • Proxy

  • kubectl config set proxy

  • kubectl does not work when I set HTTPS_PROXY

本文标签:

版权声明:本文标题:When using kubectl behind a proxy, can I set an environment variable to provide a custom certificate authority? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736309030a1933871.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。