Slackbot
04/12/2023, 2:33 PMOr Weis
04/12/2023, 3:00 PM/etc/ssl/certs
and /etc/ssl/private
if I’m not mistaken) in the docker image and then it should be available for OPAL-client when trying to connect to OPA.
There isn’t an option to add it directly to the client at the moment (and not sure there should be, Though the underlying client can support that).
That being said, it could be a nice hack/feature to have OPAL automatically use the one if provider for the inline OPA config .
@Ro'e Katz, @Asaf Cohen, @Shaul Kremer, @Ori Shavit - WDYT ?Or Weis
04/12/2023, 3:08 PMOPA_HEALTH_CHECK_POLICY_ENABLED
Oskar Christensson
04/12/2023, 3:20 PMPOLICY_STORE_AUTH_TOKEN
https://docs.opal.ac/getting-started/configuration#opal-client-configuration-variables.
I can disable the /healthcheck sure, but since every api call to OPA would require a client certificate pushing setting policies from OPAL client won't work either.Or Weis
04/12/2023, 3:32 PMOr Weis
04/12/2023, 3:34 PMOskar Christensson
04/17/2023, 7:08 AMOr Weis
04/17/2023, 7:16 AMPOLICY_STORE_SSL_PEM
, POLICY_STORE_SSL_KEY
, and POLICY_STORE_SSL_CRT
Or Weis
04/17/2023, 7:18 AM