No option to set the CA (or disable CA verification) for OAuth

Question

No option to set the CA (or disable CA verification) for OAuth

Opened this issue 3 years ago · 0 comments

Hello,

When deploying the dev example configuration on EKS, up complains with the following errors:

caller=level.go:63 ts=2021-09-30T13:58:58.295417174Z name=up level=error caller=main.go:113 component=writer msg="failed to make request" err="making request: Post "https://dex.dex.svc.cluster.local:5556/dex/auth?client_id=test&response_type=code&scope=openid+profile+email+groups&state=I+love+Observatorium\": x509: certificate signed by unknown authority"

The documentation says that If no CA is specified, there won't be any verification, but this only seems to apply to the endpoint, not to the eventual OAuth part

Either the existing TLS configuration options should be reused or new one should be added for that case