Perry The Cynic
Dabbler
- Joined
- Aug 15, 2023
- Messages
- 34
On TrueNAS-SCALE-22.12.4.2, when I check the "add to trust store" checkbox in the import-a-CA UI workflow, the import succeeds but the CA is not, in fact, added to the trust store of the system. The root certificate shows up in /etc/certificates/CA but not in /etc/ssl/certs. As a result, TrueNAS cannot pull an image from a private registry certified by that CA (which happens to run on that very box, in case that matters). Pulls from outside (macOS with the root added to its trust store) work fine.
The obvious work-around (soft-linking the certificate into /etc/ssl/certs) works after restarting docker, but that reaches beneath the API surface and thus can't be a good answer.
Is this a bug or am I holding it wrong?
Cheers
-- perry
The obvious work-around (soft-linking the certificate into /etc/ssl/certs) works after restarting docker, but that reaches beneath the API surface and thus can't be a good answer.
Is this a bug or am I holding it wrong?
Cheers
-- perry