trivy-operator icon indicating copy to clipboard operation
trivy-operator copied to clipboard
verified publisher icon aquasecurity

Inject private CA certificate via ConfigMap/Secret

Open SammyA opened this issue 2 years ago • 2 comments

The current method of injecting a trusted private CA certificate is via SSL_CERT_DIR env var, which mounts a hostPath volume. This is not very convenient, as that requires the cert to be distributed to al nodes, and also triggers a lot of security hardening rule violations (because of the hostPath mount).

It would be much better to support trusting injected certificates via ConfigMaps or Secrets.

SammyA avatar Dec 06 '23 06:12 SammyA

@SammyA contribution are welcome :)

chen-keinan avatar Dec 25 '23 13:12 chen-keinan

Anyone working on this? We're struggling to get Trivy working in a private CA environment.

PT-GD avatar Oct 20 '25 14:10 PT-GD