Certificate injection in Pulp containers#
In OpenShift environments, it is possible to mount additional trust bundles into Pulp containers.
Pulp operator handles part of the process.
trusted_ca: true Pulp operator will automatically create and mount a
ConfigMap with the custom CA into Pulp pods, but before doing so users need to first follow the steps from Enabling the cluster-wide proxy to "register" the custom CA certificate into the cluster.
It is recommended to execute the previous steps in a maintenance window because, since this is cluster-wide modification, the cluster can get unavailable if executed wrong (some cluster operators pods will be restarted).
Last update: 2023-03-24