Baoyuantop commented on issue #235:
URL:
https://github.com/apache/apisix-helm-chart/issues/235#issuecomment-4205367568
To configure a private CA certificate for APISIX (e.g., for the
`authz-keycloak` plugin to verify upstream HTTPS), use:
```yaml
apisix:
ssl:
existingCASecret: "your-ca-secret"
certCAFilename: "ca.crt"
```
(values.yaml lines 316-319)
Create a Kubernetes Secret containing your private CA certificate:
```bash
kubectl create secret generic your-ca-secret
--from-file=ca.crt=/path/to/your/ca-certificate.pem -n your-namespace
```
This will make APISIX trust your private CA when performing SSL/TLS
handshakes with external services.
Closing as this is a usage question. If you still need help, please feel
free to reopen.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
