RequestAuthentication fails if authentication server uses a certificate signed by a private certification authority

YangminZhu · January 14, 2021, 12:02am

You can set the jwksResolverExtraRootCA to use an extra root CA for your jwks server, see Setting pilot.jwksResolverExtraRootCA in IstioOperator - #4 by jbrongtr

Topic		Replies	Views
RequestAuthentication doesn't work with keycloak running on https in Istio1.6.8 Security security	0	499	October 29, 2020
Adding custom CA certificates to istiod not working anymore? Security	1	601	May 14, 2023
Istio 1.6.3 - RequestAuthentication don't work with Keycloak	7	3561	December 3, 2020
How to use keycloak for RequestAuthentication in Istio 1.6.3?	1	2939	July 7, 2020
Ingressgateway not grabbing end user authentication certs? Security	1	1774	January 30, 2019