This is a follow up to an issue from the node-deployment repo prior to consolidation in this repo. In summary: any component that needs to communicate with services outside of the node (e.g. the hub) should be able to accept and utilize additional certificates (in PEM) since some institutions may use self-signed certificates and SSL will fail without them.
The required changes are already largely implemented in this pull request, but only for the UI and message broker who both make use of the NODE_EXTRA_CA_CERTS environment variable. The extra certs will be added as a ConfigMap in the flame-node helm chart and the other components need to be updated to also read the need file if present.
This is a follow up to an issue from the
node-deploymentrepo prior to consolidation in this repo. In summary: any component that needs to communicate with services outside of the node (e.g. the hub) should be able to accept and utilize additional certificates (in PEM) since some institutions may use self-signed certificates and SSL will fail without them.The required changes are already largely implemented in this pull request, but only for the UI and message broker who both make use of the
NODE_EXTRA_CA_CERTSenvironment variable. The extra certs will be added as a ConfigMap in theflame-nodehelm chart and the other components need to be updated to also read the need file if present.