https://www.ory.sh/ logo
#talk-kratos
Title
# talk-kratos
c

chilly-diamond-1578

11/15/2021, 7:30 PM
Hello everyone, I am trying to configure kratos with selfservice method
OIDC
with generic provider configuration. I made everything work with an identity server hosted with SSL certificate from trusted authority (I used Let'sencrypt). The problem is the whole solution is not working if I host the identity server with a self signed certificate. I couldn't find a way to provision the list of trusted authorities (CAs) in kratos config. The error I am getting from kratos is like 'Self signed certificate found while discovery" Can anybody suggest on this?
j

jolly-jelly-9637

11/15/2021, 8:39 PM
I assume you’re running Kratos from the official docker image. I think the best solution would be to add your self-signed certificate like suggested on StackOverflow. This would mean that you create your own kratos image with a self-signed certificate added to trusted certificates. The other option would be to modify kratos to accept TLS verification which would bypass the certificate but this is bad from a security perspective, plus you would still have to create a docker image based on the modified code. Option #1 sounds better 🙂
4 Views