Inject root CA certificates in trust store of OS
Summary
If for some reasons some applications configured in Ubuntu or *SUSE OSes requires to connected to applications we have on the mgmt clusters, for example Keycloak, these applications cannot trust the certificate because the root CA used to signed Keycloak or other application deployed in clusters is not injected in the trust store.
related references
Details
We try to connect the SSHD, or the related authentication libraries (PAM*) to Keycloak. Unfortunately the OSes/nodes are not built with the root CA we used to sign our applications we deploy on our clusters like Keycloak. So currently connections cannot be established properly, sometime rejected by some modules. So we need to inject the root CA we declare in the trust store of all OSes.