johanot has joined #nixos-kubernetes
<azazel> I'm the only one suffering from ?
johanot has quit [Quit: WeeChat 2.4]
johanot has joined #nixos-kubernetes
johanot has quit [Quit: WeeChat 2.4]
<azazel> srhb: but in #60687 are you using something like curl --cacert /var/lib/kubernetes/secrets/ca.pem?
<srhb> azazel: Yes
<srhb> azazel: I pointed it at, uh.. + "pem"
<srhb> azazel: Right now I don't really want to touch it before johanot checks in later, because you're right that it'll just fail, even in tests, without doing something to deal with pki and curl.
<srhb> azazel: I've forgotten too much of k8s pki to dare change anything without johanot at least looking it over now :)
<azazel> :-)
<azazel> ok, no problem
<azazel> for now I'm using -k
<srhb> Yeah, I think I'm leaning towards that being the right solution anyway, given that the endpoint is exposed anyway.
<srhb> And we can't know that people have proper pki set up...