I’m using two gitea instances, running in two distinct k8s environement (they run the official gitea container image 1.11.5 taken from Docker hub)
These 2 k3s envs are both using a sub-CA that come from a self-sign CA. The containers by themselves don’t serve TLS, but TLS is performed by an Apache reverse-proxy running on k3s nodes.
To schematize I have something like:
# /- gitea pod (master) # /- K8S #1 ---------------+ # / (with apache/sub-CA #1) # root CA --------+ # (auto-signed) \ # \- K8S #2 ---------------+ # (with apache/sub-CA #2) \- gitea pod (slave)
The “slave” gitea need to clone some projects hosted on the “master” gitea… And I’m facing an issue because Gitea don’t trust the certificate with the auto-signed CA on my k3s node #1.
I tried some live manipulations in my running Gitea “slave” pod to add the root-CA and sub-CA #1 certificates in /etc/ssl/certs and running ‘update-ca-certificates’ command but it have no impact.
I would like to avoid TLS verification, so my question is simple : with a Gitea instance that don’t run in HTTPS mode (eg. no CERT_FILE nor KEY_FILE in Gitea config), how can I get my autosigned CA trusted ?
Thanks for you help
So my question is simple : how to get Git