Closed anonymouse64 closed 5 years ago
@tingyuz this is the issue I spoke about over Rocket.Chat and should be considered a blocker for Delhi.
we were planning to switch the cert from default to kong specific (created by vault) and the related code was updated as a result. I will have a PR to restore the logic back same as California.
This has been fixed for Delhi with #31, now just needs to be forward-ported to master for Edinburgh
The
edgexproxy
binary no longer configures Kong to use SSL certificates that were generated by thepkisetup
binary from security-secret-store from this change: https://github.com/edgexfoundry/security-api-gateway/commit/3f9f9deca250f68b56e8c8e2c54d54048e1c024a#diff-711007c703bd39258a3323751c269e25R51This means that when you deploy EdgeX using the security services, the SSL certificate presented by kong isn't signed by the Trust CA as it should be (and as it was with California).