The kubeconfig file generated by gangway does not include the self-signed certificate (untrusted) cluster CA which is used to verify the trusted connection between dex. This will cause some confusion when refreshing id-token if users don't have trusted the CA like adding into the local trust or specific oidc auth options in kubeconfig (like idp-certificate-authorityoridp-certificate-authority-data).
The kubeconfig file generated by gangway does not include the self-signed certificate (untrusted) cluster CA which is used to verify the trusted connection between dex. This will cause some confusion when refreshing id-token if users don't have trusted the CA like adding into the local trust or specific oidc auth options in kubeconfig (like
idp-certificate-authorityoridp-certificate-authority-data).fixed #148 supersedes #149