Add local CA to k3os / k3s for private registry


I have four node cluster with one master running. I also created a own registry with a local CA. Adding a image was ok, but trying to create a pod with an image from the local registry fails:

Failed to pull image "registry.example.local/myapps/my-service-a-app:1.0.0": rpc error: code = Unknown desc = failed to resolve image "registry.example.local/myapps/my-service-a-app:1.0.0": no available registry endpoint: failed to do request: Head https://registry.example.local/v2/myapps/my-service-a-app/manifests/1.0.0: x509: certificate signed by unknown authority

The CA was created via cert-manager and with Hashicorp Vault PKI in the back. I have no idea, where I have to add the local CA to k3os (0.2.2rc2).

I created also an issue on Github.

Any suggestions ?