I have a kubernetes cluster in GKE. Inside the cluster there is an private docker registry service. A certificate for this service is generated inside a docker image by running:
openssl req -x509 -newkey rsa:4096 -days 365 -nodes -sha256 -keyout /certs/tls.key -out /certs/tls.crt -subj "/CN=registry-proxy"
When any pod that uses an image from this private registry tries to pull the image I get an error:
x509: certificate signed by unknown authority
Is there any way to put the self signed certificate to all GKE nodes in the cluster to resolve the problem?
Source: Docker Questions