Custom CA in S3 backup target

Hello,

I successfully install longhorn on my cluster and I use ceph (S3) as a backup target.
My company has a private network with custom CA.
I modified the files in helm chart to mount the CA as a volume for the ui (I can now browse the page without error).
But how can I inject the CA in the pod/deployment managed by longhorn. In particular, I’m interested to modify the instancemanager pods because I see in the logs x509 : signed by unknow authority each time I want to do a backup.

Thanks for the help

Nicolas

Hi @nicolas87

We’ve just implemented this feature in the upcoming v1.0.0. Check https://github.com/longhorn/longhorn/issues/704 for details. The document is currently at https://staging.longhorn.io/docs/0.8.1/snapshots-and-backups/backup-and-restore/set-backup-target/#using-a-self-signed-ssl-certificate-for-s3-communication. and will be merged into master when GA v1.0.0 released.

1 Like

Hi @yasker

Thank you for the links.
I often read the issues to follow the dev but that one slip out of my watch.

Do I need to use master if I want to test or the 0.8.1 release already got it ?

Thanks

Hi @nicolas87

You can test it using upcoming v1.0.0-RC1, which should be out early next week. But it would require a new setup since it’s not upgradable from/to other version.

1 Like