Skip to content

Ability to change caCertificateRefs ca.crt key #7567

@gcleroux

Description

@gcleroux

When creating a BackendTLSPolicy, the caCertificateRefs key is statically set to ca.crt.
When using cluster-api to bootstrap workload clusters, the created $CLUSTER-ca secret will have the following keys: tls.crt and tls.key.

Having the ability to set the CA key to tls.crt would support these resources without having to use something like kyverno to add the ca.crt field to the secret.

Similar issue on Gateway API: kubernetes-sigs/gateway-api#4196

Metadata

Metadata

Assignees

No one assigned

    Labels

    help wantedExtra attention is needed

    Type

    No type

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions