How to put self-signed certificate to each node of GKE cluster?

I have a kubernetes cluster in GKE. Inside the cluster there is an private docker registry service. A certificate for this service is generated inside a docker image by running:

openssl req -x509 -newkey rsa:4096 -days 365 -nodes -sha256 -keyout /certs/tls.key -out /certs/tls.crt -subj "/CN=registry-proxy"

When any pod that uses an image from this private registry tries to pull the image I get an error:

x509: certificate signed by unknown authority

Is there any way to put the self signed certificate to all GKE nodes in the cluster to resolve the problem?

Source: Docker Questions

LEAVE A COMMENT