It should be possible to use multiple cert-utils-operator.redhat-cop.io/source-ca-keys to generate a truststore using cert-utils-operator.redhat-cop.io/generate-java-truststore.
This would allow to combine service CA certificates (injected with service.beta.openshift.io/inject-cabundle) and additional "static" CA certificates (e.g. injected with config.openshift.io/inject-trusted-cabundle) in a single JKS truststore.
See attached file for a full example with a comma-separated list for source-ca-key.
configmap-combined-java-truststore.yaml.txt
It should be possible to use multiple
cert-utils-operator.redhat-cop.io/source-ca-keys to generate a truststore usingcert-utils-operator.redhat-cop.io/generate-java-truststore.This would allow to combine service CA certificates (injected with
service.beta.openshift.io/inject-cabundle) and additional "static" CA certificates (e.g. injected withconfig.openshift.io/inject-trusted-cabundle) in a single JKS truststore.See attached file for a full example with a comma-separated list for
source-ca-key.configmap-combined-java-truststore.yaml.txt