vmware-archive / gangway

An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster.
Apache License 2.0

fix bug where tokens can't refresh #94

Open paulczar opened 5 years ago

paulczar commented 5 years ago

When tokens expire, the kubeclient needs to refresh them, and that means it needs to trust the CA of the OpenID server. To do that, we need to pass idp-certificate-authority-data through to the kubeconfig.

craigtracey commented 5 years ago

What happens if you don't need a Trusted CA? Shouldn't this be optional?

craigtracey commented 5 years ago

It also looks like we need a rebase here.

paulczar commented 5 years ago

This field is effectively optional ... if it's not provided, the contents of the field in the kubeconfig file or in the command-line template will be an empty string, which the kubeconfig config reader then ignores because it's set to omit if empty in the kubeconfig object.
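The optional pass-through discussed above, as an added Go example that is not part of this thread or of gangway's or client-go's code: the CA is written into the oidc auth-provider config only when one was supplied, and the refreshing side falls back to system roots when the key is absent but rejects malformed data. `withIdPCA`, `idpRootCAs`, `constructedCA` and the issuer URL are hypothetical names, and the CA is generated as constructed sample input.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// withIdPCA (hypothetical helper) sets the key only when a CA was supplied.
func withIdPCA(cfg map[string]string, caPEM []byte) map[string]string {
	if len(caPEM) > 0 {
		cfg["idp-certificate-authority-data"] = base64.StdEncoding.EncodeToString(caPEM)
	}
	return cfg
}

// idpRootCAs is the consumer side: nil (system roots) if unset, else only that CA.
func idpRootCAs(cfg map[string]string) (*x509.CertPool, error) {
	data := cfg["idp-certificate-authority-data"]
	if data == "" {
		return nil, nil
	}
	pemBytes, err := base64.StdEncoding.DecodeString(data)
	pool := x509.NewCertPool()
	if err != nil || !pool.AppendCertsFromPEM(pemBytes) {
		return nil, fmt.Errorf("idp-certificate-authority-data is not base64 PEM (decode error: %v)", err)
	}
	return pool, nil
}

// constructedCA returns a throwaway self-signed CA as PEM (constructed sample input).
func constructedCA() []byte {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed CA"},
		IsCA: true, BasicConstraintsValid: true, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	pool, err := idpRootCAs(withIdPCA(map[string]string{"idp-issuer-url": "https://dex.example.test"}, constructedCA()))
	fmt.Println("custom IdP trust pool:", pool != nil, "error:", err)
}
```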

paulczar commented 5 years ago

It would be great to get this merged in ... it's blocking gangway from working with PKS.

jenting commented 4 years ago

Related to https://github.com/heptiolabs/gangway/issues/148

vijaykatam commented 4 years ago

https://github.com/heptiolabs/gangway/pull/149

jenting commented 4 years ago

Same, we bump into this issue when the dex CA is a self-signed CA. @paulczar Could you please rebase to the latest master branch to resolve the conflicts, thx.

asvasyanin commented 4 years ago

Any updates?

brokencode64 commented 3 years ago

Would love to see this merged as well, it's currently blocking us as well with using dex.