Hi, I’m in the process of setting up an on-prem deployment. My company prefers to host almost everything internally, and we have our own certificate authority that issues certs for all of our internal sites. Our self-hosted gitlab, binderhub, and the in-deployment jupyterhub will all make use of …

Ok, I think I got it. For all of our internal applications, we install a cert bundle which contains 2 certs. Solution: un-bundle the certs inside and install both separately. For context: update-ca-certificates looks for any file suffixed with .crt that lives in /usr/local/share/ca-certificates (…

On-prem binderhub deployment w/ internal CA

Binder

betatim November 11, 2020, 8:31am 4

And right after posting my reply I found

which suggests that tornado does not use the OS level trusted roots?! This is annoying I’d still try and dig into why/how to persuade tornado to use the OS level CA bundle and only resort to having to customise the code after exhausting that option.

Topic		Replies	Views
Missing Certificate BinderHub	1	590	April 16, 2020
Binderhub with private gitlab server BinderHub	0	611	April 16, 2020
Private Gitlab Access for BinderHub BinderHub	8	4039	March 3, 2021
Dodgy SSL cert usage.mybinder.org (list of binderHubs anyone?) Binder	4	672	February 21, 2020
BinderHub with private GitLab and user scopes BinderHub how-to	5	1655	July 3, 2020

On-prem binderhub deployment w/ internal CA

Related topics