I have a grafana docker container running in an openshift environment.
I have a proxy in front of grafana which handles the SSL termination for grafana.
I am using grafana’s generic oauth mechanism for authentication.
I have a keycloak instance running with https.
Grafana gives the following error when someone tries to authenticate
lvl=eror msg=login.OAuthLogin(NewTransportWithCode) logger=context userId=0 orgId=0 uname= error=“Post https://auth-server-url/auth/realms/ABC/protocol/openid-connect/token: x509: certificate signed by unknown authority”
I have already set all the variables required for generic oauth including the tls_cert, tls_key, tls_ca.
When I put certs from a well known CA like GoDaddy everything works fine.
But I have custom company generated certs with our own ca. I want to add this to grafana’s trusted CAs.
Is there a way to do this?