Baoyuantop commented on issue #791: URL: https://github.com/apache/apisix-helm-chart/issues/791#issuecomment-4205299121
The chart supports mounting custom CA certificates via `values.yaml`: - `apisix.ssl.existingCASecret`: Name of a Secret containing trusted CA certificates in PEM format (line 316-317) - `apisix.ssl.certCAFilename`: The filename within the Secret (line 318-319) By default, the system-level trusted CAs from the container image are not loaded into APISIX's trust store — you need to explicitly provide them via the above settings. For `openid-connect` with `ssl_verify`, mount your CA cert using `existingCASecret` and `certCAFilename`, or use `apisix.fullCustomConfig` to customize the `ssl_trusted_certificate` path. Closing as this is a usage question. If you still encounter issues, please feel free to reopen. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
