A registry CA is not added/renewed into nodes when adding it as additionalTrustedCA to the image configuration in OpenShift 4
Issue
- After adding a CA via the
additionalTrustedCAin theimage.configresource to solve the issue described in Failed to pull image with x509: certificate signed by unknown authority error when using mirrored registries in OpenShift 4, the CA is not added to the OpenShift 4 nodes. - Trying to configure additional trust stores for image registry access, the CA is not added to the OpenShift 4 nodes.
- The
cluster-image-registry-operatoris failing withImagePullBackOffandx509: certificate signed by unknown authoritymessage.
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4
- Additional registries
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
