[Question] Custom CA - GA or Deprecated? #4596

Open
TimJongerius opened this issue Oct 22, 2024 · 3 comments

@TimJongerius

We are currently leveraging the AKS Custom CA (Preview) feature to connect our AKS clusters with private, on-premise container registries (e.g., Nexus), which require custom Certificate Authorities (CAs). This is a crucial part of our setup, as we need to pull images from these private registries for compliance and security reasons.

Given that this feature has been in Preview for a significant period, we are concerned about its future, as we’ve heard rumors regarding its potential deprecation. The uncertainty around this is troubling, as many of our clients depend on this functionality for their production workloads.

Could you provide an update on the current state of the AKS Custom CA feature? Specifically:

What is the plan for this feature? Are there any timelines for it to reach General Availability (GA)?
What challenges are preventing it from moving out of Preview?
If deprecation is being considered, what alternatives should we explore to maintain the ability to connect AKS to private on-premise registries with custom CAs?

Our clients are eagerly waiting for a stable, supported solution, and any clarity you can provide would be greatly appreciated.

Best regards
Tim Jongerius

@jkroepke

> Our clients are eagerly waiting for a stable, supported solution, and any clarity you can provide would be greatly appreciated.

Issuing public certificates, even for private endpoints, is the best possible option that you have today.

@TimJongerius
Author

> > Our clients are eagerly waiting for a stable, supported solution, and any clarity you can provide would be greatly appreciated.
>
> Issuing public certificates, even for private endpoints, is the best possible option that you have today.

Sadly that is not under our control so we have to live with what is given to us.

@UtheMan

UtheMan commented Oct 24, 2024

Hi @TimJongerius, the work required for GA is currently ongoing. While we are still exploring different options for our final GA design, the feature will be brought to GA. There is no definitive ETA to share right now, but we are targeting Q1 2025 at this time.

A potential change that is being considered is the removal of the "after node creation" flow, only keeping the "before node boots up" way.

If you have any comments/thoughts on how the feature works today - please feel free to share here. Feedback is always welcome and very helpful as we finalize the design.
