Hello,
I’m using two gitea instances, running in two distinct k8s environement (they run the official gitea container image 1.11.5 taken from Docker hub)
These 2 k3s envs are both using a sub-CA that come from a self-sign CA. The containers by themselves don’t serve TLS, but TLS is performed by an Apache reverse-proxy running on k3s nodes.
To schematize I have something like:
# /- gitea pod (master)
# /- K8S #1 ---------------+
# / (with apache/sub-CA #1)
# root CA --------+
# (auto-signed) \
# \- K8S #2 ---------------+
# (with apache/sub-CA #2) \- gitea pod (slave)
The “slave” gitea need to clone some projects hosted on the “master” gitea… And I’m facing an issue because Gitea don’t trust the certificate with the auto-signed CA on my k3s node #1.
I tried some live manipulations in my running Gitea “slave” pod to add the root-CA and sub-CA #1 certificates in /etc/ssl/certs and running ‘update-ca-certificates’ command but it have no impact.
I would like to avoid TLS verification, so my question is simple : with a Gitea instance that don’t run in HTTPS mode (eg. no CERT_FILE nor KEY_FILE in Gitea config), how can I get my autosigned CA trusted ?
Thanks for you help 
So my question is simple : how to get Git