astefanutti commented on pull request #2383: URL: https://github.com/apache/camel-k/pull/2383#issuecomment-858452560
> Thanks for reviewing ! I'll add some documentation to https://camel.apache.org/camel-k/latest/configuration/maven.html ASAP; the hardest part was finding where Kubernetes hides the CA it uses to sign `CertificateSigningRequest`... Ah right, it uses the Kubernetes TLS API. I think the location of the key/CA used to signed the certificate is configurable and can differ from one k8s distribution to the other. On OpenShift, this would be a very good case for using the [service signing certificate service](https://docs.openshift.com/container-platform/4.7/security/certificates/service-serving-certificate.html#add-service-certificate_service-serving-certificate), to generate the certificate, as the CA is automatically mounted into Pods. It seems it's possible to provide our own certificate to the MinIO Operator: https://docs.min.io/minio/k8s/tutorials/transport-layer-security.html#id2. As this is a possible solution to hosting customs dependencies and beans, It'd be valuable to also try/document that approach for downstream. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
