Certificates

All about TLS certificates

Untrusted Root Certificates

Many organizations deploy their own Root Certificate and CA service inside the corporate networks. Internal websites, image repositories and other resources may install SSL server certificates issued by this CA service for security and privacy concerns.

You may install the Root Certificate into the minikube cluster to access these corporate resources within the cluster.

Tutorial

You will need a corporate X.509 Root Certificate in PEM format. If it’s in DER format, convert it:

  1. openssl x509 -inform der -in my_company.cer -out my_company.pem

Copy the certificate into the certs directory:

  1. mkdir -p $HOME/.minikube/certs
  2. cp my_company.pem $HOME/.minikube/certs/my_company.pem

Then restart minikube with the --embed-certs flag to sync the certificates:

  1. minikube start --embed-certs

Last modified February 7, 2021: Add missing reference to —embed-certs (4a20660a3)