Skip to content

Load system certificates by default instead of Mozilla root certs #1276

New issue
New issue
Closed
Closed
Load system certificates by default instead of Mozilla root certs#1276
Labels
kind/bugCategorizes issue or PR as related to a bug.lifecycle/rottenDenotes an issue or PR that has aged beyond stale and will be auto-closed.
@Smana

Description

@Smana
Smana
opened on Oct 7, 2020

Hi everyone!

We have our own pki and the ca certificate is loaded into the system.
However, using the kubernetes python doesn't support loading system certs.

I checked the urllib changes and it is supposed to work (urllib3/urllib3#1608)

* Change ``HTTPSConnection`` to load system CA certificates
  when ``ca_certs``, ``ca_cert_dir``, and ``ssl_context`` are
  unspecified. (Pull #1608, Issue #1603)

Currently the default behaviour of the kubernetes python librairy is to use Mozilla's root certificates (https://github.com/kubernetes-client/python/blob/master/kubernetes/client/rest.py#L70)

Is there a reason for that ?

Environment:

  • Kubernetes version: 1.15.9
  • OS (e.g., MacOS 10.13.6): Ubuntu bionic
  • Python version: 3.7.9
  • Python client version: 7.0.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.lifecycle/rottenDenotes an issue or PR that has aged beyond stale and will be auto-closed.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions