Connecting to an S3 gateway with a self-signed certificate


I have an S3 gateway with a self-signed certificate, how can I add the CA-certificate to the runner that works in a K8S cluster?

Of course, I can set Insecure = true in the runners.cache.s3 section, but it’s not a solution. If I set Insecure = false, I the runner can’t get access to the cache: FATAL: Get https://rook-ceph-rgw-rgw.rook-ceph.svc.k8s.c13.***.***.net/gitlab-runner-cache/gitlab_runner/project/7/default?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=[FILTERED]&X-Amz-Date=20190818T142112Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=[FILTERED] x509: certificate signed by unknown authority

How can I provide the CA certificate to the runner?

Thanks in advance!

P.S. The runner is deployed with the gitlab/gitlab-runner Helm chart, I tried to set certsSecretName parameter, but it seems that it works only for the connections to the gitlab server, not for the connections to the S3 service. :frowning: