diff --git a/bitnami/etcd/3.4/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh b/bitnami/etcd/3.4/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh index 3991aaab5620f..fe985afc8accf 100644 --- a/bitnami/etcd/3.4/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh +++ b/bitnami/etcd/3.4/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh @@ -307,7 +307,8 @@ etcdctl_auth_norbac_flags() { authFlags+=("--cert" "${ETCD_DATA_DIR}/fixtures/client/cert.pem" "--key" "${ETCD_DATA_DIR}/fixtures/client/key.pem") else [[ -f "$ETCD_CERT_FILE" ]] && [[ -f "$ETCD_KEY_FILE" ]] && authFlags+=("--cert" "$ETCD_CERT_FILE" "--key" "$ETCD_KEY_FILE") - [[ -f "$ETCD_TRUSTED_CA_FILE" ]] && authFlags+=("--cacert" "$ETCD_TRUSTED_CA_FILE") + # if CA file exists, then use CA to verify server certs; otherwise, just skip server certs verification + [[ -f "$ETCD_TRUSTED_CA_FILE" ]] && authFlags+=("--cacert" "$ETCD_TRUSTED_CA_FILE") || authFlags+=("--insecure-transport=false --insecure-skip-tls-verify=true") fi echo "${authFlags[*]}" } diff --git a/bitnami/etcd/3.5/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh b/bitnami/etcd/3.5/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh index 3991aaab5620f..fe985afc8accf 100644 --- a/bitnami/etcd/3.5/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh +++ b/bitnami/etcd/3.5/debian-12/rootfs/opt/bitnami/scripts/libetcd.sh @@ -307,7 +307,8 @@ etcdctl_auth_norbac_flags() { authFlags+=("--cert" "${ETCD_DATA_DIR}/fixtures/client/cert.pem" "--key" "${ETCD_DATA_DIR}/fixtures/client/key.pem") else [[ -f "$ETCD_CERT_FILE" ]] && [[ -f "$ETCD_KEY_FILE" ]] && authFlags+=("--cert" "$ETCD_CERT_FILE" "--key" "$ETCD_KEY_FILE") - [[ -f "$ETCD_TRUSTED_CA_FILE" ]] && authFlags+=("--cacert" "$ETCD_TRUSTED_CA_FILE") + # if CA file exists, then use CA to verify server certs; otherwise, just skip server certs verification + [[ -f "$ETCD_TRUSTED_CA_FILE" ]] && authFlags+=("--cacert" "$ETCD_TRUSTED_CA_FILE") || authFlags+=("--insecure-transport=false --insecure-skip-tls-verify=true") fi echo "${authFlags[*]}" }