OpenID Connect Authentication with no-publicly trusted certifications

[droslean]

There is a configuration to add a rootCA to allow untrusted certifications, but there isn't any configuration for OpenID Connect

How Dex behaves when trying to authenticate using an oidc connector against a service that holds a non-trusted certification?

[sagikazarmark]

Dex is going to complain about untrusted certs. That's kind of understandable, since TLS is the only thing that protects the auth flow from being compromised.

But as you also pointed out, you can add your own rootCAs to make sure Dex trusts a self-signed cert.