Skip to content

feature: Trust external CA - apiserver #3637

New issue
New issue
Open
Open
feature: Trust external CA - apiserver#3637
Labels
kind/featureCategorizes issue or PR as related to a new feature.priority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.
@mjudeikis

Description

@mjudeikis
mjudeikis
opened on Oct 8, 2025

Feature Description

When running kcp with an external load balancer, such as CloudFlare, where TLS termination occurs at the external provider.

Proposed Solution

In this particular scenario, the KCP APIserver will need to trust either the OS CA certificate store OR an explicit flag to provide a CA bundle to be trusted as external certificates.

Alternative Solutions

No response

Want to contribute?

  • I would like to work on this issue.

Additional Context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/featureCategorizes issue or PR as related to a new feature.priority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.

    Type

    No type

    Projects

    kcp

    Status

    New

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions