I’m trying to setup x509 authentication in addition to OAuth authentication for my Spinnaker instance. I need this to allow script access to the instance.
In our setup we run Spinnaker on GKE and have SSL terminated at Kubernetes ingresses. So that Gate and Deck pods expose plain http endpoints. When I enable x509 as described in the guides above (which implies enabling SSL) I see that Gate exposes https endpoints:
INFO 1 --- [ main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8084 (https) 8085 (https)
Also in the Deck UI I see the following error:
Bad Request This combination of host and port requires TLS.
Does it mean that if we want to enable x509 authentication for Gate we need to revise our complete SSL setup?