Hello.
I am trying to set up gangway + dex + Active Directory for LDAP authentication in Kubernetes.
I follow the steps:
1) log on to gangway and click the sign in button:
2) enter creds and press the login button:
3) press grant access:
4) and get an error:
What am I doing wrong?
apiVersion: v1
kind: ConfigMap
metadata:
  name: gangway
  namespace: gangway
data:
  gangway.yaml: |
    clusterName: "kubernetes"
    authorizeURL: "https://dex.os33dev.net/dex/auth" #replace the domain name with your domain
    tokenURL: "https://dex.os33dev.net/dex/token" #replace the domain name with your domain
    scopes: ["openid", "profile", "email", "offline_access", "groups"]
    redirectURL: "https://gangway.os33dev.net/callback" #replace the domain name with your domain
    clientID: "gangway"
    clientSecret: "Iz2Y51oWZSeF3n5gmeBH9ZHPncJU0JK8v4842o8XQ5s="
    usernameClaim: "sub"
    emailClaim: "email"
    apiServerURL: https://k8sdev.dev3.os33.net:6443 #This should be your k8s API URL example https://name.domain.com:6443
Kubernetes is bare metal and created via its own CA.
For dex and gangway I use external cert *os33dev.net:
gangway pod logs:
I also tried to use trustedCAPath "/etc/gangway/tls/tls.crt" and put the certificate chain for the *.os33dev.net certificate there, but no luck.
my setup:
kind: Service
apiVersion: v1
metadata:
  name: gangwaysvc
  namespace: gangway
  labels:
    app: gangway
spec:
  type: ClusterIP
  ports:
    - name: "http"
      protocol: TCP
      port: 80
      targetPort: "http"
  selector:
    app: gangway

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: gangway
  namespace: gangway
  annotations:
    kubernetes.io/tls-acme: "true"
    cert-manager.io/cluster-issuer: "letsencrypt-production"
spec:
  tls:
Please help